You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We want to have a new admin route to exchange an authorization code for an access token for MyYoast.
This route will be redirected to once the OAuth flow has been completed. It can be implemented in the same manner as ( #12131 and #12132 ) as the user is expected to be logged in and have originated from our settings page.
Ensure the current user has sufficient privileges to make the connection ( can manage_options ).
Ensure the OAuth client has been configured ( has both a client ID and client secret ).
Test instructions:
In all of these replace the call to $provider->getAccessToken( 'authorization_code', array( 'code' => $_GET['code'] ) ); with generating a random string until #12176 has been completed.
This function is part of the OAuth library where tests already exist.
Success:
Make sure the OAuth client has both a client id and secret stored.
Visit this route as an admin with a random authorization_code.
An access_token should be stored.
You should be redirect to yoast.com ( make sure the redirect happens, if you made up the client ID the page after the redirect is allowed to fail ).
No permissions:
Make sure the OAuth client has both a client id and secret stored.
Visit this route as an author with a random authorization_code.
An access_token should NOT be stored.
You should be redirect to the premium page where a warning is shown that you do not have sufficient privileges.
No configuration:
Make sure the OAuth client does NOT have a client id and secret stored.
Visit this route as an admin with a random authorization_code.
An access_token should NOT be stored.
You should be redirect to the premium page where a warning is shown that the connection to MyYoast has not yet been configured.
We want to have a new admin route to exchange an authorization code for an access token for MyYoast.
This route will be redirected to once the OAuth flow has been completed. It can be implemented in the same manner as ( #12131 and #12132 ) as the user is expected to be logged in and have originated from our settings page.
manage_options).$provider->getAccessToken( 'authorization_code', array( 'code' => $_GET['code'] ) );).Test instructions:
In all of these replace the call to
$provider->getAccessToken( 'authorization_code', array( 'code' => $_GET['code'] ) );with generating a random string until #12176 has been completed.This function is part of the OAuth library where tests already exist.
Success:
No permissions:
No configuration:
parent #12136
Needs #12093