Make WordPress Core


Ignore:
Timestamp:
10/22/2020 03:04:23 PM (3 years ago)
Author:
TimothyBlynJacobs
Message:

App Passwords: Support an app_id to uniquely identify instances of an app.

Apps may now optionally include an app_id parameter when directing the user to the Authorize Application screen. This allows for instances of an application to be identified and potentially revoked or blocked.

Props TimothyBlynJacobs, georgestephanis.
Fixes #51583.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php

    r49109 r49276  
    413413        );
    414414
     415        if ( $request['app_id'] && ! $request['uuid'] ) {
     416            $prepared->app_id = $request['app_id'];
     417        }
     418
    415419        /**
    416420         * Filters an application password before it is inserted via the REST API.
     
    442446        $prepared = array(
    443447            'uuid'      => $item['uuid'],
     448            'app_id'    => empty( $item['app_id'] ) ? '' : $item['app_id'],
    444449            'name'      => $item['name'],
    445450            'created'   => gmdate( 'Y-m-d\TH:i:s', $item['created'] ),
     
    616621                    'readonly'    => true,
    617622                ),
     623                'app_id'    => array(
     624                    'description' => __( 'A uuid provided by the application to uniquely identify it. It is recommended to use an UUID v5 with the URL or DNS namespace.' ),
     625                    'type'        => 'string',
     626                    'format'      => 'uuid',
     627                    'context'     => array( 'view', 'edit', 'embed' ),
     628                ),
    618629                'name'      => array(
    619630                    'description' => __( 'The name of the application password.' ),
Note: See TracChangeset for help on using the changeset viewer.