251 lines
7.4 KiB
PHP
251 lines
7.4 KiB
PHP
<?php
|
|
/**
|
|
* Jetpack XMLRPC Methods.
|
|
*
|
|
* Registers the Jetpack specific XMLRPC methods
|
|
*
|
|
* @package jetpack
|
|
*/
|
|
|
|
use Automattic\Jetpack\Connection\Manager as Connection_Manager;
|
|
use Automattic\Jetpack\Connection\Tokens;
|
|
|
|
/**
|
|
* XMLRPC Methods registration and callbacks
|
|
*/
|
|
class Jetpack_XMLRPC_Methods {
|
|
|
|
/**
|
|
* Initialize the main hooks.
|
|
*/
|
|
public static function init() {
|
|
add_filter( 'jetpack_xmlrpc_unauthenticated_methods', array( __CLASS__, 'xmlrpc_methods' ) );
|
|
add_filter( 'jetpack_xmlrpc_test_connection_response', array( __CLASS__, 'test_connection' ) );
|
|
add_action( 'jetpack_xmlrpc_server_event', array( __CLASS__, 'jetpack_xmlrpc_server_event' ), 10, 4 );
|
|
add_action( 'jetpack_remote_connect_end', array( __CLASS__, 'remote_connect_end' ) );
|
|
add_filter( 'jetpack_xmlrpc_remote_register_redirect_uri', array( __CLASS__, 'remote_register_redirect_uri' ) );
|
|
}
|
|
|
|
/**
|
|
* Adds Jetpack specific methods to the methods added by the Connection package.
|
|
*
|
|
* @param array $methods Methods added by the Connection package.
|
|
*/
|
|
public static function xmlrpc_methods( $methods ) {
|
|
|
|
$methods['jetpack.featuresAvailable'] = array( __CLASS__, 'features_available' );
|
|
$methods['jetpack.featuresEnabled'] = array( __CLASS__, 'features_enabled' );
|
|
$methods['jetpack.disconnectBlog'] = array( __CLASS__, 'disconnect_blog' );
|
|
$methods['jetpack.jsonAPI'] = array( __CLASS__, 'json_api' );
|
|
|
|
return $methods;
|
|
}
|
|
|
|
/**
|
|
* Returns what features are available. Uses the slug of the module files.
|
|
*
|
|
* @deprecated 13.9
|
|
* @see Jetpack_Core_Json_Api_Endpoints::get_features_available()
|
|
* @return array
|
|
*/
|
|
public static function features_available() {
|
|
$raw_modules = Jetpack::get_available_modules();
|
|
$modules = array();
|
|
foreach ( $raw_modules as $module ) {
|
|
$modules[] = Jetpack::get_module_slug( $module );
|
|
}
|
|
|
|
return $modules;
|
|
}
|
|
|
|
/**
|
|
* Returns what features are enabled. Uses the slug of the modules files.
|
|
*
|
|
* @deprecated 13.9
|
|
* @see Jetpack_Core_Json_Api_Endpoints::get_features_enabled()
|
|
* @return array
|
|
*/
|
|
public static function features_enabled() {
|
|
$raw_modules = Jetpack::get_active_modules();
|
|
$modules = array();
|
|
foreach ( $raw_modules as $module ) {
|
|
$modules[] = Jetpack::get_module_slug( $module );
|
|
}
|
|
|
|
return $modules;
|
|
}
|
|
|
|
/**
|
|
* Filters the result of test_connection XMLRPC method
|
|
*
|
|
* @return string The current Jetpack version number
|
|
*/
|
|
public static function test_connection() {
|
|
return JETPACK__VERSION;
|
|
}
|
|
|
|
/**
|
|
* Disconnect this blog from the connected wordpress.com account
|
|
*
|
|
* @return boolean
|
|
*/
|
|
public static function disconnect_blog() {
|
|
|
|
/**
|
|
* Fired when we want to log an event to the Jetpack event log.
|
|
*
|
|
* @since 7.7.0
|
|
*
|
|
* @param string $code Unique name for the event.
|
|
* @param string $data Optional data about the event.
|
|
*/
|
|
do_action( 'jetpack_event_log', 'disconnect' );
|
|
( new Connection_Manager( 'jetpack' ) )->disconnect_site();
|
|
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Serve a JSON API request.
|
|
*
|
|
* @param array $args request arguments.
|
|
*/
|
|
public static function json_api( $args = array() ) {
|
|
$json_api_args = $args[0];
|
|
$verify_api_user_args = $args[1];
|
|
|
|
$method = (string) $json_api_args[0];
|
|
$url = (string) $json_api_args[1];
|
|
$post_body = $json_api_args[2] === null ? null : (string) $json_api_args[2];
|
|
$user_details = (array) $json_api_args[4];
|
|
$locale = (string) $json_api_args[5];
|
|
|
|
if ( ! $verify_api_user_args ) {
|
|
$user_id = 0;
|
|
} elseif ( 'internal' === $verify_api_user_args[0] ) {
|
|
$user_id = (int) $verify_api_user_args[1];
|
|
if ( $user_id ) {
|
|
$user = get_user_by( 'id', $user_id );
|
|
if ( ! $user || is_wp_error( $user ) ) {
|
|
return false;
|
|
}
|
|
}
|
|
} else {
|
|
$user_id = call_user_func( array( new Jetpack_XMLRPC_Server(), 'test_api_user_code' ), $verify_api_user_args );
|
|
if ( ! $user_id ) {
|
|
return false;
|
|
}
|
|
}
|
|
|
|
$old_user = wp_get_current_user();
|
|
wp_set_current_user( $user_id );
|
|
|
|
if ( $user_id ) {
|
|
$token_key = false;
|
|
} else {
|
|
$verified = ( new Connection_Manager() )->verify_xml_rpc_signature();
|
|
$token_key = $verified['token_key'];
|
|
}
|
|
|
|
$token = ( new Tokens() )->get_access_token( $user_id, $token_key );
|
|
if ( ! $token || is_wp_error( $token ) ) {
|
|
return false;
|
|
}
|
|
|
|
define( 'REST_API_REQUEST', true );
|
|
define( 'WPCOM_JSON_API__BASE', 'public-api.wordpress.com/rest/v1' );
|
|
|
|
require_once JETPACK__PLUGIN_DIR . 'class.json-api.php';
|
|
$api = WPCOM_JSON_API::init( $method, $url, $post_body );
|
|
$api->token_details['user'] = $user_details;
|
|
|
|
$api->init_locale( $locale );
|
|
|
|
require_once JETPACK__PLUGIN_DIR . 'class.json-api-endpoints.php';
|
|
|
|
$display_errors = ini_set( 'display_errors', 0 ); // phpcs:ignore WordPress.PHP.IniSet
|
|
ob_start();
|
|
$api->serve( false );
|
|
$output = ob_get_clean();
|
|
ini_set( 'display_errors', $display_errors ); // phpcs:ignore WordPress.PHP.IniSet
|
|
|
|
$nonce = wp_generate_password( 10, false );
|
|
$hmac = hash_hmac( 'md5', $nonce . $output, $token->secret );
|
|
|
|
wp_set_current_user( isset( $old_user->ID ) ? $old_user->ID : 0 );
|
|
|
|
return array(
|
|
(string) $output,
|
|
(string) $nonce,
|
|
(string) $hmac,
|
|
);
|
|
}
|
|
|
|
/**
|
|
* Filters the response of the remote_provision XMLRPC method
|
|
*
|
|
* @param array $response The response.
|
|
* @param array $request An array containing at minimum a nonce key and a local_username key.
|
|
*
|
|
* @since 9.8.0
|
|
* @deprecated since 13.9
|
|
*
|
|
* @return array
|
|
*/
|
|
public static function remote_provision_response( $response, $request ) { // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable
|
|
_deprecated_function( __METHOD__, '13.9' );
|
|
return $response;
|
|
}
|
|
|
|
/**
|
|
* Runs Jetpack specific action in xmlrpc server events
|
|
*
|
|
* @param String $action the action name, i.e., 'remote_authorize'.
|
|
* @param String $stage the execution stage, can be 'begin', 'success', 'error', etc.
|
|
* @param array $parameters extra parameters from the event.
|
|
* @param WP_User $user the acting user.
|
|
* @return void
|
|
*/
|
|
public static function jetpack_xmlrpc_server_event( $action, $stage, $parameters = array(), $user = null ) { //phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable
|
|
if ( 'remote_register' === $action && 'begin' === $stage ) {
|
|
Jetpack::maybe_set_version_option();
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Hooks into the remote_connect XMLRPC endpoint and triggers Jetpack::handle_post_authorization_actions
|
|
*
|
|
* @since 9.8.0
|
|
* @return void
|
|
*/
|
|
public static function remote_connect_end() {
|
|
/** This filter is documented in class.jetpack-cli.php */
|
|
$enable_sso = apply_filters( 'jetpack_start_enable_sso', true );
|
|
Jetpack::handle_post_authorization_actions( $enable_sso, false, false );
|
|
}
|
|
|
|
/**
|
|
* Filters the Redirect URI returned by the remote_register XMLRPC method
|
|
*
|
|
* @since 9.8.0
|
|
*
|
|
* @param string $redirect_uri The Redirect URI.
|
|
* @return string
|
|
*/
|
|
public static function remote_register_redirect_uri( $redirect_uri ) {
|
|
$auto_enable_sso = ( ! ( new Connection_Manager() )->has_connected_owner() || Jetpack::is_module_active( 'sso' ) );
|
|
|
|
/** This filter is documented in class.jetpack-cli.php */
|
|
if ( apply_filters( 'jetpack_start_enable_sso', $auto_enable_sso ) ) {
|
|
$redirect_uri = add_query_arg(
|
|
array(
|
|
'action' => 'jetpack-sso',
|
|
'redirect_to' => rawurlencode( admin_url() ),
|
|
),
|
|
wp_login_url() // TODO: come back to Jetpack dashboard?
|
|
);
|
|
}
|
|
|
|
return $redirect_uri;
|
|
}
|
|
}
|