diff --git a/src/wp-admin/user-edit.php b/src/wp-admin/user-edit.php
index 813c5eb5cd..de30bba4cb 100644
a
|
b
|
endif; |
733 | 733 | |
734 | 734 | </table> |
735 | 735 | |
| 736 | <?php if ( wp_is_application_passwords_available_for_user( $user_id ) || ! wp_is_application_passwords_supported() ) : ?> |
736 | 737 | <div class="application-passwords hide-if-no-js" id="application-passwords-section"> |
737 | 738 | <h2><?php _e( 'Application Passwords' ); ?></h2> |
738 | 739 | <p><?php _e( 'Application passwords allow authentication via non-interactive systems, such as XML-RPC or the REST API, without providing your actual password. Application passwords can be easily revoked. They cannot be used for traditional logins to your website.' ); ?></p> |
… |
… |
endif; |
797 | 798 | ?> |
798 | 799 | </div> |
799 | 800 | <?php else : ?> |
800 | | <p><?php _e( 'The application password feature requires HTTPS, which is not enabled on this site.' ); ?></p> |
| 801 | <p><?php _e( 'The application password feature requires HTTPS - which is not enabled on this site - or the environment type set as local.' ); ?></p> |
801 | 802 | <p> |
802 | 803 | <?php |
803 | 804 | printf( |
… |
… |
endif; |
809 | 810 | </p> |
810 | 811 | <?php endif; ?> |
811 | 812 | </div> |
| 813 | <?php endif; ?> |
812 | 814 | |
813 | 815 | <?php |
814 | 816 | if ( IS_PROFILE_PAGE ) { |
diff --git a/src/wp-includes/user.php b/src/wp-includes/user.php
index 3604d94389..5b4624bc0a 100644
a
|
b
|
function wp_get_user_request( $request_id ) { |
4657 | 4657 | return new WP_User_Request( $post ); |
4658 | 4658 | } |
4659 | 4659 | |
| 4660 | /** |
| 4661 | * Checks if Application Passwords is supported. |
| 4662 | * |
| 4663 | * Application Passwords is supported only by sites using SSL or local environments |
| 4664 | * but may be made available using the {@see 'wp_is_application_passwords_available'} filter. |
| 4665 | * |
| 4666 | * @since 5.9.0 |
| 4667 | * |
| 4668 | * @return bool |
| 4669 | */ |
| 4670 | function wp_is_application_passwords_supported() { |
| 4671 | return is_ssl() || 'local' === wp_get_environment_type(); |
| 4672 | } |
| 4673 | |
4660 | 4674 | /** |
4661 | 4675 | * Checks if Application Passwords is globally available. |
4662 | 4676 | * |
4663 | 4677 | * By default, Application Passwords is available to all sites using SSL or to local environments. |
4664 | | * Use {@see 'wp_is_application_passwords_available'} to adjust its availability. |
| 4678 | * Use the {@see 'wp_is_application_passwords_available'} filter to adjust its availability. |
4665 | 4679 | * |
4666 | 4680 | * @since 5.6.0 |
4667 | 4681 | * |
4668 | 4682 | * @return bool |
4669 | 4683 | */ |
4670 | 4684 | function wp_is_application_passwords_available() { |
4671 | | $available = is_ssl() || 'local' === wp_get_environment_type(); |
4672 | | |
4673 | 4685 | /** |
4674 | 4686 | * Filters whether Application Passwords is available. |
4675 | 4687 | * |
… |
… |
function wp_is_application_passwords_available() { |
4677 | 4689 | * |
4678 | 4690 | * @param bool $available True if available, false otherwise. |
4679 | 4691 | */ |
4680 | | return apply_filters( 'wp_is_application_passwords_available', $available ); |
| 4692 | return apply_filters( 'wp_is_application_passwords_available', wp_is_application_passwords_supported() ); |
4681 | 4693 | } |
4682 | 4694 | |
4683 | 4695 | /** |
diff --git a/tests/phpunit/tests/rest-api/rest-application-passwords-controller.php b/tests/phpunit/tests/rest-api/rest-application-passwords-controller.php
index cbfe965fa1..aff7a20d64 100644
a
|
b
|
class WP_Test_REST_Application_Passwords_Controller extends WP_Test_REST_Control |
946 | 946 | $this->assertErrorResponse( 'rest_application_password_not_found', $response, 500 ); |
947 | 947 | } |
948 | 948 | |
| 949 | /** |
| 950 | * @ticket 53658 |
| 951 | */ |
| 952 | public function test_supported_vs_available() { |
| 953 | wp_set_current_user( self::$admin ); |
| 954 | |
| 955 | $_SERVER['HTTPS'] = 'on'; |
| 956 | |
| 957 | $this->assertTrue( wp_is_application_passwords_supported() ); |
| 958 | |
| 959 | unset( $_SERVER['HTTPS'] ); |
| 960 | define( 'WP_ENVIRONMENT_TYPE', 'production' ); |
| 961 | |
| 962 | $this->assertFalse( wp_is_application_passwords_supported() ); |
| 963 | $this->assertTrue( wp_is_application_passwords_available() ); |
| 964 | } |
| 965 | |
949 | 966 | /** |
950 | 967 | * Sets up a REST API request to be authenticated using an App Password. |
951 | 968 | * |