Updated handling of session-error when getting back to landing page

adeprimo · Jul 19, 2024 · 507b3fe · 507b3fe
1 parent 934f2e9
commit 507b3fe
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 5 deletions.
diff --git a/includes/class-tulo-payway-sso2-api.php b/includes/class-tulo-payway-sso2-api.php
@@ -345,6 +345,7 @@ protected function identify_session() {
         $this->common->write_log($payload);
 
         $token = JWT::encode($payload, $client_secret, 'HS256');
+        $this->common->write_log("identify token: ".$token);
         $protocol = isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) ? 'https' : 'http';
         $continueUrl = sprintf("%s://%s%s", $protocol, $_SERVER["HTTP_HOST"], $_SERVER["REQUEST_URI"]);
 
@@ -801,7 +802,13 @@ private function set_sso_session_time() {
 
     protected function set_session_error($error) {
         $data = ["error" => $error];
+        $this->common->write_log("!! Got token error establishing session: ".$error);
         $this->set_cookie("tpw_session_error", json_encode($data), time() + 60);
+        // also remove other cookies that might have been previously set.
+        $this->delete_cookie("tpw_session_established");
+        $this->delete_cookie("tpw_sso");
+        $this->delete_cookie("tpw_id");
+        $this->delete_cookie("tpw_sso_session_time");
     }
 
     public function has_session_error() {

diff --git a/landing.php b/landing.php
@@ -33,17 +33,25 @@ function write_log($log) {
     if (isset($payload)) {             
         if (isset($payload->err)) {
             write_log("Error in JWT from Payway! Message: ".$payload->err);
-            $session->register_session_error($payload->err);            
+            $session->register_session_error($payload->err);
+            if (strpos($redirect_url, "tpw") === false) {
+                if (strpos($redirect_url, "?") === false) {
+                    $redirect_url .= "?tpw=".time();
+                } else {
+                    $redirect_url .= "&tpw=".time();
+                }
+            }        
         } else {       
             write_log("Decode OK, payload: ".json_encode($payload));     
             $session->register($payload);
         }
     }
     write_log("Redirecting to: ".$redirect_url);
     header("Location: ".$redirect_url);    
-} catch(Firebase\JWT\ExpiredException $e) {
-    // we land here if the JWT token can not be decoded properly, in this case some claims have expired.
+} catch(Exception $e) {
+    // we land here if the JWT token can not be decoded properly, in this case some claims have expired.    
     write_log("Could not decode JWT from Payway! Message: ".$e->getMessage());
+    write_log("Token: ".$token);
 }
 
 die();

diff --git a/wp-tulo-payway.php b/wp-tulo-payway.php
@@ -9,13 +9,13 @@
  * that starts the plugin.
  *
  * @link              https://adeprimo.se
- * @since             1.2.4.1-beta
+ * @since             1.2.5.0-cookie-beta2
  * @package           Tulo_Payway_Server
  *
  * @wordpress-plugin
  * Plugin Name:       Tulo Payway Connector for Wordpress
  * Description:       This plugin integrates with the SSO2 single sign on solution in Tulo Payway. Now with support for Tulo Paywall.
- * Version:           1.2.5.0-cookie-beta1
+ * Version:           1.2.5.0-cookie-beta2
  * Author:            Adeprimo AB
  * Author URI:        https://adeprimo.se
  * Text Domain:       tulo