Merge pull request #99 from Automattic/prevent_userinfo_endpoint_caching

Prevent userinfo endpoint from being cached

Author: ashfame

src/Http/Handlers/UserInfoHandler.php

@@ -15,6 +15,19 @@ public function __construct( OAuth2Server $server ) {
 }
 
 public function handle( Request $request, Response $response ): Response {
-return $this->server->handleUserInfoRequest( $request );
+// prevent caching plugins from caching this page.
+if ( ! defined( 'DONOTCACHEPAGE' ) ) {
+define( 'DONOTCACHEPAGE', true );
+}
+
+$response = $this->server->handleUserInfoRequest( $request, $response );
+$response->addHttpHeaders(
+array(
+'Cache-Control' => 'no-store',
+'Pragma' => 'no-cache',
+)
+);
+
+return $response;
 }
 }