Comments (7)
I'd like to pass URL variable of an access key from Help Scout to the Access Key Login form.
- Check if its in the query and if so, add it to the
window.tlVendor.accessKey
array. https://github.com/trustedlogin/vendor/blob/main/admin/trustedlogin-settings/init.php#L31 - If
window.tlVendor.accessKey.key
, use that value for a hidden field instead of the input https://github.com/trustedlogin/vendor/blob/main/admin/components/AccessKeyForm.js#L204 - Add a second conditional here to submit for if
window.tlVendor.accessKey.key
https://github.com/trustedlogin/vendor/blob/main/admin/components/AccessKeyForm.js#L121 - Figure out how to deal with account ID https://github.com/trustedlogin/vendor/blob/main/admin/components/AccessKeyForm.js#L176
from trustedlogin-connector.
Status:
- ✅ Shows the active logins
- ✅ Points to the right URLs
- ❌ Passes validation to redirect to site login
Getting a bad_nonce
error, since the nonce is old.
from trustedlogin-connector.
I'd like to pass URL variable of an access key from Help Scout to the Access Key Login form.
- It will be encrypted using the Help Scout secret.
- It will be decrypted and added to the form.
- The form will auto-submit when loaded.
@Shelob9 See what I mean in this video.
from trustedlogin-connector.
When that request passes nonce validation, it just outputs JSON. Instead, it should redirect to the site using the $_POST trick in
That's all done client side though. https://github.com/trustedlogin/vendor/blob/main/admin/components/AccessKeyForm.js#L92-L115
We could use wp_remote_post(loginurl) and then do a redirect(siteurl). That should work.
from trustedlogin-connector.
Allow a way for requests sourced from HS to bypass nonce validation while remaining secure
Nonces change based on who is logged in: user ID is one of the inputs of the hash. I don't think nonce validation should be used. If the signature matches, then its valid.
from trustedlogin-connector.
@zackkatz All of the discussion in this issue is RE: Helpscout return, not EDD integration. Also, we found the EDD integration is in place. So can we close this issue?
from trustedlogin-connector.
Yep, let's close.
from trustedlogin-connector.
Related Issues (20)
- "Reset All" button should clear the log file
- Connected dropdown uses account ID not name and also it say Figma
- Team switcher doesn't populate settings
- CSS isn't applied because it's too low priority
- Toggle should slide back and forth
- The need help button in the top right doesn’t do anything HOT 1
- going to: wp-admin/admin.php?page=trustedlogin_access_key_login when you have more than 1 team breaks.
- Make TL Vendor plugin compatible with multiple help desks.
- Use a different way to build ZIP for instawp HOT 1
- Clicking the copy icon for Help Desk configuration throws an error
- Add a confirmation before "Reset All" resets everything
- Fatal error: Uncaught Error: Call to undefined method WP_REST_Request::param()
- Make "Help Desk" optional
- Fix build step .zip generation HOT 1
- Integrate GitHub Actions for WordPress.org Deploy
- Handle Add/Update Team errors better
- Add a blocking Jest action to the GitHub Actions checks
- Fix Jest tests
- UI dies when creating a team without a Help Desk
- Fix potential error when creating anti-directory-browsing file
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from trustedlogin-connector.