At some point, you may need to change the data provided by WP OAuth Server’s resource endpoints. Data can be modified by using a filter.
The filter that contains the endpoints and callbacks used is wo_endpoints.
Example
The following code can be placed in your theme’s functions file or a custom plugin to modify the user endpoint (oauth/me) and the data that is returned.
add_filter('wo_endpoints','wo_extend_resource_api', 2);
function wo_extend_resource_api ($methods){
$methods['me'] = array('func'=>'_wo_me_1');
return $methods;
}
/**
* Replaces the default me enpoint
* @param [type] $token [description]
* @return [type] [description]
*/
function _wo_me_1 ( $token=null ){
$user_id = &$token['user_id'];
global $wpdb;
$me_data = $wpdb->get_row("SELECT * FROM {$wpdb->prefix}users WHERE ID=$user_id", ARRAY_A);
/** prevent sensative data - makes me happy ;) */
unset( $me_data['user_pass'] );
unset( $me_data['user_activation_key'] );
unset( $me_data['user_url'] );
unset( $me_data['session_tokens'] );
// add user metadata
$infometa = $wpdb->get_results("SELECT meta_key, meta_value FROM {$wpdb->prefix}usermeta WHERE user_id = ".$user_id."");
foreach ($infometa as $metarow) {
$key = $metarow->meta_key;
if( is_serialized( $metarow->meta_value ) ){
$me_data[$key] = unserialize( $metarow->meta_value );
}else{
$me_data[$key] = $metarow->meta_value;
}
}
$response = new WPOAuth2\Response($me_data);
$response->send();
exit;
}
Each method added to the endpoints will be sent to the token object. Take note of the parameter “$token” in the example above. The token object contains data specific to the client and user that is currently using the endpoint.
The token object (unless modified) will contain the following data:
- id – ID assigned for storage
- access_token – The access token.
- client_id – The client being used.
- user_id – The WP asigned user ID for the authenticated user asigned to the access token.
- expires – Unix Timestamp the token expires.
- scope – Scopes attached to the access token.
Modifying the User Data Return
There is a way to modify the data returned from the endpoint “/oauth/me” without having to extend the entire method. This can be done by using the “wo_me_resource_return” filter.
The filter looks like this:
$me_data = apply_filters('wo_me_resource_return', $me_data, $token);
Take note that the filter sends two parameters; the user data and the current access token for that user. Simply add, modify, and or delete the data and return it back to the filter.
Visit https://developer.wordpress.org/plugins/hooks/filters/ to see how to add a filter for WordPress.
