Edit File by line

<?php

[0] Fix | Delete

/**

[1] Fix | Delete

* Jetpack XMLRPC Methods.

[2] Fix | Delete

[3] Fix | Delete

* Registers the Jetpack specific XMLRPC methods

[4] Fix | Delete

[5] Fix | Delete

* @package jetpack

[6] Fix | Delete

[7] Fix | Delete

[8] Fix | Delete

use Automattic\Jetpack\Connection\Manager as Connection_Manager;

[9] Fix | Delete

use Automattic\Jetpack\Connection\Tokens;

[10] Fix | Delete

[11] Fix | Delete

/**

[12] Fix | Delete

* XMLRPC Methods registration and callbacks

[13] Fix | Delete

[14] Fix | Delete

class Jetpack_XMLRPC_Methods {

[15] Fix | Delete

[16] Fix | Delete

/**

[17] Fix | Delete

* Initialize the main hooks.

[18] Fix | Delete

[19] Fix | Delete

public static function init() {

[20] Fix | Delete

add_filter( 'jetpack_xmlrpc_unauthenticated_methods', array( __CLASS__, 'xmlrpc_methods' ) );

[21] Fix | Delete

add_filter( 'jetpack_xmlrpc_test_connection_response', array( __CLASS__, 'test_connection' ) );

[22] Fix | Delete

add_action( 'jetpack_xmlrpc_server_event', array( __CLASS__, 'jetpack_xmlrpc_server_event' ), 10, 4 );

[23] Fix | Delete

add_action( 'jetpack_remote_connect_end', array( __CLASS__, 'remote_connect_end' ) );

[24] Fix | Delete

add_filter( 'jetpack_xmlrpc_remote_register_redirect_uri', array( __CLASS__, 'remote_register_redirect_uri' ) );

[25] Fix | Delete

}

[26] Fix | Delete

[27] Fix | Delete

/**

[28] Fix | Delete

* Adds Jetpack specific methods to the methods added by the Connection package.

[29] Fix | Delete

[30] Fix | Delete

* @param array $methods Methods added by the Connection package.

[31] Fix | Delete

[32] Fix | Delete

public static function xmlrpc_methods( $methods ) {

[33] Fix | Delete

[34] Fix | Delete

$methods['jetpack.featuresAvailable'] = array( __CLASS__, 'features_available' );

[35] Fix | Delete

$methods['jetpack.featuresEnabled'] = array( __CLASS__, 'features_enabled' );

[36] Fix | Delete

$methods['jetpack.disconnectBlog'] = array( __CLASS__, 'disconnect_blog' );

[37] Fix | Delete

$methods['jetpack.jsonAPI'] = array( __CLASS__, 'json_api' );

[38] Fix | Delete

[39] Fix | Delete

return $methods;

[40] Fix | Delete

}

[41] Fix | Delete

[42] Fix | Delete

/**

[43] Fix | Delete

* Returns what features are available. Uses the slug of the module files.

[44] Fix | Delete

[45] Fix | Delete

* @deprecated 13.9

[46] Fix | Delete

* @see Jetpack_Core_Json_Api_Endpoints::get_features_available()

[47] Fix | Delete

* @return array

[48] Fix | Delete

[49] Fix | Delete

public static function features_available() {

[50] Fix | Delete

$raw_modules = Jetpack::get_available_modules();

[51] Fix | Delete

$modules = array();

[52] Fix | Delete

foreach ( $raw_modules as $module ) {

[53] Fix | Delete

$modules[] = Jetpack::get_module_slug( $module );

[54] Fix | Delete

}

[55] Fix | Delete

[56] Fix | Delete

return $modules;

[57] Fix | Delete

}

[58] Fix | Delete

[59] Fix | Delete

/**

[60] Fix | Delete

* Returns what features are enabled. Uses the slug of the modules files.

[61] Fix | Delete

[62] Fix | Delete

* @deprecated 13.9

[63] Fix | Delete

* @see Jetpack_Core_Json_Api_Endpoints::get_features_enabled()

[64] Fix | Delete

* @return array

[65] Fix | Delete

[66] Fix | Delete

public static function features_enabled() {

[67] Fix | Delete

$raw_modules = Jetpack::get_active_modules();

[68] Fix | Delete

$modules = array();

[69] Fix | Delete

foreach ( $raw_modules as $module ) {

[70] Fix | Delete

$modules[] = Jetpack::get_module_slug( $module );

[71] Fix | Delete

}

[72] Fix | Delete

[73] Fix | Delete

return $modules;

[74] Fix | Delete

}

[75] Fix | Delete

[76] Fix | Delete

/**

[77] Fix | Delete

* Filters the result of test_connection XMLRPC method

[78] Fix | Delete

[79] Fix | Delete

* @return string The current Jetpack version number

[80] Fix | Delete

[81] Fix | Delete

public static function test_connection() {

[82] Fix | Delete

return JETPACK__VERSION;

[83] Fix | Delete

}

[84] Fix | Delete

[85] Fix | Delete

/**

[86] Fix | Delete

* Disconnect this blog from the connected wordpress.com account

[87] Fix | Delete

[88] Fix | Delete

* @return boolean

[89] Fix | Delete

[90] Fix | Delete

public static function disconnect_blog() {

[91] Fix | Delete

[92] Fix | Delete

/**

[93] Fix | Delete

* Fired when we want to log an event to the Jetpack event log.

[94] Fix | Delete

[95] Fix | Delete

* @since 7.7.0

[96] Fix | Delete

[97] Fix | Delete

* @param string $code Unique name for the event.

[98] Fix | Delete

* @param string $data Optional data about the event.

[99] Fix | Delete

[100] Fix | Delete

do_action( 'jetpack_event_log', 'disconnect' );

[101] Fix | Delete

( new Connection_Manager( 'jetpack' ) )->disconnect_site();

[102] Fix | Delete

[103] Fix | Delete

return true;

[104] Fix | Delete

}

[105] Fix | Delete

[106] Fix | Delete

/**

[107] Fix | Delete

* Serve a JSON API request.

[108] Fix | Delete

[109] Fix | Delete

* @param array $args request arguments.

[110] Fix | Delete

[111] Fix | Delete

public static function json_api( $args = array() ) {

[112] Fix | Delete

$json_api_args = $args[0];

[113] Fix | Delete

$verify_api_user_args = $args[1];

[114] Fix | Delete

[115] Fix | Delete

$method = (string) $json_api_args[0];

[116] Fix | Delete

$url = (string) $json_api_args[1];

[117] Fix | Delete

$post_body = $json_api_args[2] === null ? null : (string) $json_api_args[2];

[118] Fix | Delete

$user_details = (array) $json_api_args[4];

[119] Fix | Delete

$locale = (string) $json_api_args[5];

[120] Fix | Delete

[121] Fix | Delete

if ( ! $verify_api_user_args ) {

[122] Fix | Delete

$user_id = 0;

[123] Fix | Delete

} elseif ( 'internal' === $verify_api_user_args[0] ) {

[124] Fix | Delete

$user_id = (int) $verify_api_user_args[1];

[125] Fix | Delete

if ( $user_id ) {

[126] Fix | Delete

$user = get_user_by( 'id', $user_id );

[127] Fix | Delete

if ( ! $user || is_wp_error( $user ) ) {

[128] Fix | Delete

return false;

[129] Fix | Delete

}

[130] Fix | Delete

}

[131] Fix | Delete

} else {

[132] Fix | Delete

$user_id = call_user_func( array( new Jetpack_XMLRPC_Server(), 'test_api_user_code' ), $verify_api_user_args );

[133] Fix | Delete

if ( ! $user_id ) {

[134] Fix | Delete

return false;

[135] Fix | Delete

}

[136] Fix | Delete

}

[137] Fix | Delete

[138] Fix | Delete

$old_user = wp_get_current_user();

[139] Fix | Delete

wp_set_current_user( $user_id );

[140] Fix | Delete

[141] Fix | Delete

if ( $user_id ) {

[142] Fix | Delete

$token_key = false;

[143] Fix | Delete

} else {

[144] Fix | Delete

$verified = ( new Connection_Manager() )->verify_xml_rpc_signature();

[145] Fix | Delete

$token_key = $verified['token_key'];

[146] Fix | Delete

}

[147] Fix | Delete

[148] Fix | Delete

$token = ( new Tokens() )->get_access_token( $user_id, $token_key );

[149] Fix | Delete

if ( ! $token || is_wp_error( $token ) ) {

[150] Fix | Delete

return false;

[151] Fix | Delete

}

[152] Fix | Delete

[153] Fix | Delete

define( 'REST_API_REQUEST', true );

[154] Fix | Delete

define( 'WPCOM_JSON_API__BASE', 'public-api.wordpress.com/rest/v1' );

[155] Fix | Delete

[156] Fix | Delete

require_once JETPACK__PLUGIN_DIR . 'class.json-api.php';

[157] Fix | Delete

$api = WPCOM_JSON_API::init( $method, $url, $post_body );

[158] Fix | Delete

$api->token_details['user'] = $user_details;

[159] Fix | Delete

[160] Fix | Delete

$api->init_locale( $locale );

[161] Fix | Delete

[162] Fix | Delete

require_once JETPACK__PLUGIN_DIR . 'class.json-api-endpoints.php';

[163] Fix | Delete

[164] Fix | Delete

$display_errors = ini_set( 'display_errors', 0 ); // phpcs:ignore WordPress.PHP.IniSet

[165] Fix | Delete

ob_start();

[166] Fix | Delete

$api->serve( false );

[167] Fix | Delete

$output = ob_get_clean();

[168] Fix | Delete

ini_set( 'display_errors', $display_errors ); // phpcs:ignore WordPress.PHP.IniSet

[169] Fix | Delete

[170] Fix | Delete

$nonce = wp_generate_password( 10, false );

[171] Fix | Delete

$hmac = hash_hmac( 'md5', $nonce . $output, $token->secret );

[172] Fix | Delete

[173] Fix | Delete

wp_set_current_user( isset( $old_user->ID ) ? $old_user->ID : 0 );

[174] Fix | Delete

[175] Fix | Delete

return array(

[176] Fix | Delete

(string) $output,

[177] Fix | Delete

(string) $nonce,

[178] Fix | Delete

(string) $hmac,

[179] Fix | Delete

);

[180] Fix | Delete

}

[181] Fix | Delete

[182] Fix | Delete

/**

[183] Fix | Delete

* Filters the response of the remote_provision XMLRPC method

[184] Fix | Delete

[185] Fix | Delete

* @param array $response The response.

[186] Fix | Delete

* @param array $request An array containing at minimum a nonce key and a local_username key.

[187] Fix | Delete

[188] Fix | Delete

* @since 9.8.0

[189] Fix | Delete

* @deprecated since 13.9

[190] Fix | Delete

[191] Fix | Delete

* @return array

[192] Fix | Delete

[193] Fix | Delete

public static function remote_provision_response( $response, $request ) { // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable

[194] Fix | Delete

_deprecated_function( __METHOD__, '13.9' );

[195] Fix | Delete

return $response;

[196] Fix | Delete

}

[197] Fix | Delete

[198] Fix | Delete

/**

[199] Fix | Delete

* Runs Jetpack specific action in xmlrpc server events

[200] Fix | Delete

[201] Fix | Delete

* @param String $action the action name, i.e., 'remote_authorize'.

[202] Fix | Delete

* @param String $stage the execution stage, can be 'begin', 'success', 'error', etc.

[203] Fix | Delete

* @param array $parameters extra parameters from the event.

[204] Fix | Delete

* @param WP_User $user the acting user.

[205] Fix | Delete

* @return void

[206] Fix | Delete

[207] Fix | Delete

public static function jetpack_xmlrpc_server_event( $action, $stage, $parameters = array(), $user = null ) { //phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable

[208] Fix | Delete

if ( 'remote_register' === $action && 'begin' === $stage ) {

[209] Fix | Delete

Jetpack::maybe_set_version_option();

[210] Fix | Delete

}

[211] Fix | Delete

}

[212] Fix | Delete

[213] Fix | Delete

/**

[214] Fix | Delete

* Hooks into the remote_connect XMLRPC endpoint and triggers Jetpack::handle_post_authorization_actions

[215] Fix | Delete

[216] Fix | Delete

* @since 9.8.0

[217] Fix | Delete

* @return void

[218] Fix | Delete

[219] Fix | Delete

public static function remote_connect_end() {

[220] Fix | Delete

/** This filter is documented in class.jetpack-cli.php */

[221] Fix | Delete

$enable_sso = apply_filters( 'jetpack_start_enable_sso', true );

[222] Fix | Delete

Jetpack::handle_post_authorization_actions( $enable_sso, false, false );

[223] Fix | Delete

}

[224] Fix | Delete

[225] Fix | Delete

/**

[226] Fix | Delete

* Filters the Redirect URI returned by the remote_register XMLRPC method

[227] Fix | Delete

[228] Fix | Delete

* @since 9.8.0

[229] Fix | Delete

[230] Fix | Delete

* @param string $redirect_uri The Redirect URI.

[231] Fix | Delete

* @return string

[232] Fix | Delete

[233] Fix | Delete

public static function remote_register_redirect_uri( $redirect_uri ) {

[234] Fix | Delete

$auto_enable_sso = ( ! ( new Connection_Manager() )->has_connected_owner() || Jetpack::is_module_active( 'sso' ) );

[235] Fix | Delete

[236] Fix | Delete

/** This filter is documented in class.jetpack-cli.php */

[237] Fix | Delete

if ( apply_filters( 'jetpack_start_enable_sso', $auto_enable_sso ) ) {

[238] Fix | Delete

$redirect_uri = add_query_arg(

[239] Fix | Delete

array(

[240] Fix | Delete

'action' => 'jetpack-sso',

[241] Fix | Delete

'redirect_to' => rawurlencode( admin_url() ),

[242] Fix | Delete

[243] Fix | Delete

wp_login_url() // TODO: come back to Jetpack dashboard?

[244] Fix | Delete

);

[245] Fix | Delete

}

[246] Fix | Delete

[247] Fix | Delete

return $redirect_uri;

[248] Fix | Delete

}

[249] Fix | Delete

}

[250] Fix | Delete

[251] Fix | Delete