1 /**

     2  * @output wp-admin/js/auth-app.js

     3  */

     4 

     5 /* global authApp */

     6 

     7 ( function( $, authApp ) {

     8 	var $appNameField = $( '#app_name' ),

     9 		$approveBtn = $( '#approve' ),

    10 		$rejectBtn = $( '#reject' ),

    11 		$form = $appNameField.closest( 'form' ),

    12 		context = {

    13 			userLogin: authApp.user_login,

    14 			successUrl: authApp.success,

    15 			rejectUrl: authApp.reject

    16 		};

    17 

    18 	$approveBtn.on( 'click', function( e ) {

    19 		var name = $appNameField.val(),

    20 			appId = $( 'input[name="app_id"]', $form ).val();

    21 

    22 		e.preventDefault();

    23 

    24 		if ( $approveBtn.prop( 'aria-disabled' ) ) {

    25 			return;

    26 		}

    27 

    28 		if ( 0 === name.length ) {

    29 			$appNameField.trigger( 'focus' );

    30 			return;

    31 		}

    32 

    33 		$approveBtn.prop( 'aria-disabled', true ).addClass( 'disabled' );

    34 

    35 		var request = {

    36 			name: name

    37 		};

    38 

    39 		if ( appId.length > 0 ) {

    40 			request.app_id = appId;

    41 		}

    42 

    43 		/**

    44 		 * Filters the request data used to Authorize an Application Password request.

    45 		 *

    46 		 * @since 5.6.0

    47 		 *

    48 		 * @param {Object} request            The request data.

    49 		 * @param {Object} context            Context about the Application Password request.

    50 		 * @param {string} context.userLogin  The user's login username.

    51 		 * @param {string} context.successUrl The URL the user will be redirected to after approving the request.

    52 		 * @param {string} context.rejectUrl  The URL the user will be redirected to after rejecting the request.

    53 		 */

    54 		request = wp.hooks.applyFilters( 'wp_application_passwords_approve_app_request', request, context );

    55 

    56 		wp.apiRequest( {

    57 			path: '/wp/v2/users/me/application-passwords?_locale=user',

    58 			method: 'POST',

    59 			data: request

    60 		} ).done( function( response, textStatus, jqXHR ) {

    61 

    62 			/**

    63 			 * Fires when an Authorize Application Password request has been successfully approved.

    64 			 *

    65 			 * In most cases, this should be used in combination with the {@see 'wp_authorize_application_password_form_approved_no_js'}

    66 			 * action to ensure that both the JS and no-JS variants are handled.

    67 			 *

    68 			 * @since 5.6.0

    69 			 *

    70 			 * @param {Object} response          The response from the REST API.

    71 			 * @param {string} response.password The newly created password.

    72 			 * @param {string} textStatus        The status of the request.

    73 			 * @param {jqXHR}  jqXHR             The underlying jqXHR object that made the request.

    74 			 */

    75 			wp.hooks.doAction( 'wp_application_passwords_approve_app_request_success', response, textStatus, jqXHR );

    76 

    77 			var raw = authApp.success,

    78 				url, message, $notice;

    79 

    80 			if ( raw ) {

    81 				url = raw + ( -1 === raw.indexOf( '?' ) ? '?' : '&' ) +

    82 					'site_url=' + encodeURIComponent( authApp.site_url ) +

    83 					'&user_login=' + encodeURIComponent( authApp.user_login ) +

    84 					'&password=' + encodeURIComponent( response.password );

    85 

    86 				window.location = url;

    87 			} else {

    88 				message = wp.i18n.sprintf(

    89 					/* translators: %s: Application name. */

    90 					'<label for="new-application-password-value">' + wp.i18n.__( 'Your new password for %s is:' ) + '</label>',

    91 					'<strong></strong>'

    92 				) + ' <input id="new-application-password-value" type="text" class="code" readonly="readonly" value="" />';

    93 				$notice = $( '<div></div>' )

    94 					.attr( 'role', 'alert' )

    95 					.attr( 'tabindex', -1 )

    96 					.addClass( 'notice notice-success notice-alt' )

    97 					.append( $( '<p></p>' ).addClass( 'application-password-display' ).html( message ) )

    98 					.append( '<p>' + wp.i18n.__( 'Be sure to save this in a safe location. You will not be able to retrieve it.' ) + '</p>' );

    99 

   100 				// We're using .text() to write the variables to avoid any chance of XSS.

   101 				$( 'strong', $notice ).text( response.name );

   102 				$( 'input', $notice ).val( response.password );

   103 

   104 				$form.replaceWith( $notice );

   105 				$notice.trigger( 'focus' );

   106 			}

   107 		} ).fail( function( jqXHR, textStatus, errorThrown ) {

   108 			var errorMessage = errorThrown,

   109 				error = null;

   110 

   111 			if ( jqXHR.responseJSON ) {

   112 				error = jqXHR.responseJSON;

   113 

   114 				if ( error.message ) {

   115 					errorMessage = error.message;

   116 				}

   117 			}

   118 

   119 			var $notice = $( '<div></div>' )

   120 				.attr( 'role', 'alert' )

   121 				.addClass( 'notice notice-error' )

   122 				.append( $( '<p></p>' ).text( errorMessage ) );

   123 

   124 			$( 'h1' ).after( $notice );

   125 

   126 			$approveBtn.removeProp( 'aria-disabled', false ).removeClass( 'disabled' );

   127 

   128 			/**

   129 			 * Fires when an Authorize Application Password request encountered an error when trying to approve the request.

   130 			 *

   131 			 * @since 5.6.0

   132 			 * @since 5.6.1 Corrected action name and signature.

   133 			 *

   134 			 * @param {Object|null} error       The error from the REST API. May be null if the server did not send proper JSON.

   135 			 * @param {string}      textStatus  The status of the request.

   136 			 * @param {string}      errorThrown The error message associated with the response status code.

   137 			 * @param {jqXHR}       jqXHR       The underlying jqXHR object that made the request.

   138 			 */

   139 			wp.hooks.doAction( 'wp_application_passwords_approve_app_request_error', error, textStatus, errorThrown, jqXHR );

   140 		} );

   141 	} );

   142 

   143 	$rejectBtn.on( 'click', function( e ) {

   144 		e.preventDefault();

   145 

   146 		/**

   147 		 * Fires when an Authorize Application Password request has been rejected by the user.

   148 		 *

   149 		 * @since 5.6.0

   150 		 *

   151 		 * @param {Object} context            Context about the Application Password request.

   152 		 * @param {string} context.userLogin  The user's login username.

   153 		 * @param {string} context.successUrl The URL the user will be redirected to after approving the request.

   154 		 * @param {string} context.rejectUrl  The URL the user will be redirected to after rejecting the request.

   155 		 */

   156 		wp.hooks.doAction( 'wp_application_passwords_reject_app', context );

   157 

   158 		// @todo: Make a better way to do this so it feels like less of a semi-open redirect.

   159 		window.location = authApp.reject;

   160 	} );

   161 

   162 	$form.on( 'submit', function( e ) {

   163 		e.preventDefault();

   164 	} );

   165 }( jQuery, authApp ) );