Jetpack_Provision::authorize_user() - Code Metrics - Inspection of "Always replace existing access token if missing or..." - Automattic/jetpack - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — try/remote-provision ( 127020...f1bd34 )

unknown

created 2018-02-26 19:06 UTC

Jetpack_Provision::authorize_user() A

↳ Parent: Jetpack_Provision

Complexity

Conditions	3
Paths	4

Size

Total Lines	22
Code Lines	10

Duplication

Lines	6
Ratio	27.27 %

Importance

Changes

Metric	Value
cc	3
eloc	10
nc	4
nop	2
dl	6
loc	22
rs	9.2
c	0
b	0
f	0

<?php
class Jetpack_Provision {
	static function partner_provision( $access_token, $named_args ) {
		// first, verify the token
		$verify_response = self::verify_token( $access_token );

		if ( is_wp_error( $verify_response ) ) {
			return $verify_response;
		}

		$url_args = array(
			'home_url' => 'WP_HOME',
			'site_url' => 'WP_SITEURL',
		);

		foreach ( $url_args as $url_arg => $constant_name ) {
			// Anonymous functions were introduced in 5.3.0. So, if we're running on
			// >= 5.3.0, use an anonymous function to set the home/siteurl value%s.
			//
			// Otherwise, fallback to setting the home/siteurl value via the WP_HOME and
			// WP_SITEURL constants if the constant hasn't already been defined.
			if ( isset( $named_args[ $url_arg ] ) ) {
				if ( version_compare( phpversion(), '5.3.0', '>=') ) {
					add_filter( $url_arg, function( $url ) use ( $url_arg, $named_args ) {
						return $named_args[ $url_arg ];
					}, 11 );
				} else if ( ! defined( $constant_name ) ) {
					define( $constant_name, $named_args[ $url_arg ] );
				}
			}
		}

		$blog_id    = Jetpack_Options::get_option( 'id' );
		$blog_token = Jetpack_Options::get_option( 'blog_token' );

		if ( ! $blog_id || ! $blog_token || ( isset( $named_args['force_register'] ) && intval( $named_args['force_register'] ) ) ) {
			// this code mostly copied from Jetpack::admin_page_load
			Jetpack::maybe_set_version_option();
			$registered = Jetpack::try_registration();
			if ( is_wp_error( $registered ) ) {
				return $registered;
			} elseif ( ! $registered ) {
				return new WP_Error( 'registration_error', __( 'There was an unspecified error registering the site', 'jetpack' ) );
			}

			$blog_id    = Jetpack_Options::get_option( 'id' );
			$blog_token = Jetpack_Options::get_option( 'blog_token' );
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
		}

		// if the user isn't specified, but we have a current master user, then set that to current user
		if ( ! get_current_user_id() && $master_user_id = Jetpack_Options::get_option( 'master_user' ) ) {
			wp_set_current_user( $master_user_id );
		}

		$site_icon = ( function_exists( 'has_site_icon') && has_site_icon() )
			? get_site_icon_url()
			: false;

		$auto_enable_sso = ( ! Jetpack::is_active() || Jetpack::is_module_active( 'sso' ) );

		/** This filter is documented in class.jetpack-cli.php */
		if ( apply_filters( 'jetpack_start_enable_sso', $auto_enable_sso ) ) {
			$redirect_uri = add_query_arg(
				array( 'action' => 'jetpack-sso', 'redirect_to' => urlencode( admin_url() ) ),
				wp_login_url() // TODO: come back to Jetpack dashboard?

			);
		} else {
			$redirect_uri = admin_url();
		}

		$request_body = array(
			'jp_version'    => JETPACK__VERSION,
			'redirect_uri'  => $redirect_uri
		);

		if ( $site_icon ) {
			$request_body['site_icon'] = $site_icon;
		}

		if ( get_current_user_id() ) {
			$user = wp_get_current_user();

			// role
			$role = Jetpack::translate_current_user_to_role();
			$signed_role = Jetpack::sign_role( $role );

			$secrets = Jetpack::init()->generate_secrets( 'authorize' );

			// Jetpack auth stuff
			$request_body['scope']  = $signed_role;
			$request_body['secret'] = $secrets['secret_1'];

			// User stuff
			$request_body['user_id']    = $user->ID;
			$request_body['user_email'] = $user->user_email;
			$request_body['user_login'] = $user->user_login;
		}

		// optional additional params
		if ( isset( $named_args['wpcom_user_id'] ) && ! empty( $named_args['wpcom_user_id'] ) ) {
			$request_body['wpcom_user_id'] = $named_args['wpcom_user_id'];
		}

		// override email of selected user
		if ( isset( $named_args['wpcom_user_email'] ) && ! empty( $named_args['wpcom_user_email'] ) ) {
			$request_body['user_email'] = $named_args['wpcom_user_email'];
		}

		if ( isset( $named_args['plan'] ) && ! empty( $named_args['plan'] ) ) {
			$request_body['plan'] = $named_args['plan'];
		}

		if ( isset( $named_args['onboarding'] ) && ! empty( $named_args['onboarding'] ) ) {
			$request_body['onboarding'] = intval( $named_args['onboarding'] );
		}

		if ( isset( $named_args['force_connect'] ) && ! empty( $named_args['force_connect'] ) ) {
			$request_body['force_connect'] = intval( $named_args['force_connect'] );
		}

		if ( isset( $request_body['onboarding'] ) && (bool) $request_body['onboarding'] ) {
			Jetpack::create_onboarding_token();
		}

		$request = array(
			'headers' => array(
				'Authorization' => "Bearer " . $access_token,
				'Host'          => defined( 'JETPACK__WPCOM_JSON_API_HOST_HEADER' ) ? JETPACK__WPCOM_JSON_API_HOST_HEADER : 'public-api.wordpress.com',
			),
			'timeout' => 60,
			'method'  => 'POST',
			'body'    => json_encode( $request_body )
		);

		$url = sprintf( 'https://%s/rest/v1.3/jpphp/%d/partner-provision', self::get_api_host(), $blog_id );
		if ( ! empty( $named_args['partner-tracking-id'] ) ) {
			$url = esc_url_raw( add_query_arg( 'partner_tracking_id', $named_args['partner-tracking-id'], $url ) );
		}

		// add calypso env if set
		if ( getenv( 'CALYPSO_ENV' ) ) {
			$url = add_query_arg( array( 'calypso_env' => getenv( 'CALYPSO_ENV' ) ), $url );
		}

		$result = Jetpack_Client::_wp_remote_request( $url, $request );

		if ( is_wp_error( $result ) ) {
			return $result;
		}

		$response_code = wp_remote_retrieve_response_code( $result );
		$body_json     = json_decode( wp_remote_retrieve_body( $result ) );

		if( 200 !== $response_code ) {
			if ( isset( $body_json->error ) ) {
				return new WP_Error( $body_json->error, $body_json->message );
			} else {
				return new WP_Error( 'server_error', sprintf( __( "Request failed with code %s" ), $response_code ) );
			}
		}

		if ( isset( $body_json->access_token ) ) {
			// check if this matches the existing token before replacing
			$existing_token = Jetpack_Data::get_access_token( $user->ID );
function myFunction($a) {
    switch ($a) {
        case 'foo':
            $x = 1;
            break;

        case 'bar':
            $x = 2;
            break;
    }

    // $x is potentially undefined here.
    echo $x;
}
			if ( empty( $existing_token ) || $existing_token->secret !== $body_json->access_token ) {
				self::authorize_user( $user->ID, $body_json->access_token );
			}
		}

		return $body_json;
	}

	private static function authorize_user( $user_id, $access_token ) {
		// authorize user and enable SSO
		Jetpack::update_user_token( $user_id, sprintf( '%s.%d', $access_token, $user_id ), true );

		/**
		 * Auto-enable SSO module for new Jetpack Start connections
		 *
		 * @since 5.0.0
		 *
		 * @param bool $enable_sso Whether to enable the SSO module. Default to true.
		 */
		$other_modules = apply_filters( 'jetpack_start_enable_sso', true )
			? array( 'sso' )
			: array();

		if ( $active_modules = Jetpack_Options::get_option( 'active_modules' ) ) {
			Jetpack::delete_active_modules();
			Jetpack::activate_default_modules( 999, 1, array_merge( $active_modules, $other_modules ), false );
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
		} else {
			Jetpack::activate_default_modules( false, false, $other_modules, false );
		}
	}

	private static function verify_token( $access_token ) {
		$request = array(
			'headers' => array(
				'Authorization' => "Bearer " . $access_token,
				'Host'          => defined( 'JETPACK__WPCOM_JSON_API_HOST_HEADER' ) ? JETPACK__WPCOM_JSON_API_HOST_HEADER : 'public-api.wordpress.com',
			),
			'timeout' => 10,
			'method'  => 'POST',
			'body'    => ''
		);

		$url = sprintf( 'https://%s/rest/v1.3/jpphp/partner-keys/verify', self::get_api_host() );
		$result = Jetpack_Client::_wp_remote_request( $url, $request );

		if ( is_wp_error( $result ) ) {
			return $result;
		}

		$response_code = wp_remote_retrieve_response_code( $result );
		$body_json     = json_decode( wp_remote_retrieve_body( $result ) );

		if( 200 !== $response_code ) {
			if ( isset( $body_json->error ) ) {
				return new WP_Error( $body_json->error, $body_json->message );
			} else {
				return new WP_Error( 'server_error', sprintf( __( "Request failed with code %s" ), $response_code ) );
			}
		}

		return true;
	}

	private static function get_api_host() {
		$env_api_host = getenv( 'JETPACK_START_API_HOST', true );
		return $env_api_host ? $env_api_host : JETPACK__WPCOM_JSON_API_HOST;
	}
}


1		<?php
2		class Jetpack_Provision {
3		static function partner_provision( $access_token, $named_args ) {
4		// first, verify the token
5		$verify_response = self::verify_token( $access_token );
6
7		if ( is_wp_error( $verify_response ) ) {
8		return $verify_response;
9		}
10
11		$url_args = array(
12		'home_url' => 'WP_HOME',
13		'site_url' => 'WP_SITEURL',
14		);
15
16		foreach ( $url_args as $url_arg => $constant_name ) {
17		// Anonymous functions were introduced in 5.3.0. So, if we're running on
18		// >= 5.3.0, use an anonymous function to set the home/siteurl value%s.
19		//
20		// Otherwise, fallback to setting the home/siteurl value via the WP_HOME and
21		// WP_SITEURL constants if the constant hasn't already been defined.
22		if ( isset( $named_args[ $url_arg ] ) ) {
23		if ( version_compare( phpversion(), '5.3.0', '>=') ) {
24		add_filter( $url_arg, function( $url ) use ( $url_arg, $named_args ) {
25		return $named_args[ $url_arg ];
26		}, 11 );
27		} else if ( ! defined( $constant_name ) ) {
28		define( $constant_name, $named_args[ $url_arg ] );
29		}
30		}
31		}
32
33		$blog_id = Jetpack_Options::get_option( 'id' );
34		$blog_token = Jetpack_Options::get_option( 'blog_token' );
35
36		if ( ! $blog_id \|\| ! $blog_token \|\| ( isset( $named_args['force_register'] ) && intval( $named_args['force_register'] ) ) ) {
37		// this code mostly copied from Jetpack::admin_page_load
38		Jetpack::maybe_set_version_option();
39		$registered = Jetpack::try_registration();
40		if ( is_wp_error( $registered ) ) {
41		return $registered;
42		} elseif ( ! $registered ) {
43		return new WP_Error( 'registration_error', __( 'There was an unspecified error registering the site', 'jetpack' ) );
44		}
45
46		$blog_id = Jetpack_Options::get_option( 'id' );
47		$blog_token = Jetpack_Options::get_option( 'blog_token' );
		0 ignored issues – show Unused Code introduced 2017-05-07 05:28 UTC by Report Bug Copy Issue Report `$blog_token` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
48		}
49
50		// if the user isn't specified, but we have a current master user, then set that to current user
51		if ( ! get_current_user_id() && $master_user_id = Jetpack_Options::get_option( 'master_user' ) ) {
52		wp_set_current_user( $master_user_id );
53		}
54
55		$site_icon = ( function_exists( 'has_site_icon') && has_site_icon() )
56		? get_site_icon_url()
57		: false;
58
59		$auto_enable_sso = ( ! Jetpack::is_active() \|\| Jetpack::is_module_active( 'sso' ) );
60
61		/** This filter is documented in class.jetpack-cli.php */
62		if ( apply_filters( 'jetpack_start_enable_sso', $auto_enable_sso ) ) {
63		$redirect_uri = add_query_arg(
64		array( 'action' => 'jetpack-sso', 'redirect_to' => urlencode( admin_url() ) ),
65		wp_login_url() // TODO: come back to Jetpack dashboard?
		0 ignored issues – show Coding Style Best Practice introduced 2017-05-08 23:22 UTC by Report Bug Copy Issue Report Comments for TODO tasks are often forgotten in the code; it might be better to use a dedicated issue tracker. Loading history...
66		);
67		} else {
68		$redirect_uri = admin_url();
69		}
70
71		$request_body = array(
72		'jp_version' => JETPACK__VERSION,
73		'redirect_uri' => $redirect_uri
74		);
75
76		if ( $site_icon ) {
77		$request_body['site_icon'] = $site_icon;
78		}
79
80		if ( get_current_user_id() ) {
81		$user = wp_get_current_user();
82
83		// role
84		$role = Jetpack::translate_current_user_to_role();
85		$signed_role = Jetpack::sign_role( $role );
86
87		$secrets = Jetpack::init()->generate_secrets( 'authorize' );
88
89		// Jetpack auth stuff
90		$request_body['scope'] = $signed_role;
91		$request_body['secret'] = $secrets['secret_1'];
92
93		// User stuff
94		$request_body['user_id'] = $user->ID;
95		$request_body['user_email'] = $user->user_email;
96		$request_body['user_login'] = $user->user_login;
97		}
98
99		// optional additional params
100	View Code Duplication	if ( isset( $named_args['wpcom_user_id'] ) && ! empty( $named_args['wpcom_user_id'] ) ) {
101		$request_body['wpcom_user_id'] = $named_args['wpcom_user_id'];
102		}
103
104		// override email of selected user
105	View Code Duplication	if ( isset( $named_args['wpcom_user_email'] ) && ! empty( $named_args['wpcom_user_email'] ) ) {
106		$request_body['user_email'] = $named_args['wpcom_user_email'];
107		}
108
109	View Code Duplication	if ( isset( $named_args['plan'] ) && ! empty( $named_args['plan'] ) ) {
110		$request_body['plan'] = $named_args['plan'];
111		}
112
113	View Code Duplication	if ( isset( $named_args['onboarding'] ) && ! empty( $named_args['onboarding'] ) ) {
114		$request_body['onboarding'] = intval( $named_args['onboarding'] );
115		}
116
117	View Code Duplication	if ( isset( $named_args['force_connect'] ) && ! empty( $named_args['force_connect'] ) ) {
118		$request_body['force_connect'] = intval( $named_args['force_connect'] );
119		}
120
121		if ( isset( $request_body['onboarding'] ) && (bool) $request_body['onboarding'] ) {
122		Jetpack::create_onboarding_token();
123		}
124
125		$request = array(
126		'headers' => array(
127		'Authorization' => "Bearer " . $access_token,
128		'Host' => defined( 'JETPACK__WPCOM_JSON_API_HOST_HEADER' ) ? JETPACK__WPCOM_JSON_API_HOST_HEADER : 'public-api.wordpress.com',
129		),
130		'timeout' => 60,
131		'method' => 'POST',
132		'body' => json_encode( $request_body )
133		);
134
135		$url = sprintf( 'https://%s/rest/v1.3/jpphp/%d/partner-provision', self::get_api_host(), $blog_id );
136	View Code Duplication	if ( ! empty( $named_args['partner-tracking-id'] ) ) {
137		$url = esc_url_raw( add_query_arg( 'partner_tracking_id', $named_args['partner-tracking-id'], $url ) );
138		}
139
140		// add calypso env if set
141		if ( getenv( 'CALYPSO_ENV' ) ) {
142		$url = add_query_arg( array( 'calypso_env' => getenv( 'CALYPSO_ENV' ) ), $url );
143		}
144
145		$result = Jetpack_Client::_wp_remote_request( $url, $request );
146
147		if ( is_wp_error( $result ) ) {
148		return $result;
149		}
150
151		$response_code = wp_remote_retrieve_response_code( $result );
152		$body_json = json_decode( wp_remote_retrieve_body( $result ) );
153
154	View Code Duplication	if( 200 !== $response_code ) {
155		if ( isset( $body_json->error ) ) {
156		return new WP_Error( $body_json->error, $body_json->message );
157		} else {
158		return new WP_Error( 'server_error', sprintf( __( "Request failed with code %s" ), $response_code ) );
159		}
160		}
161
162		if ( isset( $body_json->access_token ) ) {
163		// check if this matches the existing token before replacing
164		$existing_token = Jetpack_Data::get_access_token( $user->ID );
		0 ignored issues – show Bug introduced 2018-02-26 19:33 UTC by Report Bug Copy Issue Report The variable `$user` does not seem to be defined for all execution paths leading up to this point. If you define a variable conditionally, it can happen that it is not defined for all execution paths. Let’s take a look at an example: function myFunction($a) { switch ($a) { case 'foo': $x = 1; break; case 'bar': $x = 2; break; } // $x is potentially undefined here. echo $x; } In the above example, the variable `$x` is defined if you pass “foo” or “bar” as argument for `$a`. However, since the `switch` statement has no default case statement, if you pass any other value, the variable `$x` would be undefined. Available Fixes Check for existence of the variable explicitly: function myFunction($a) { switch ($a) { case 'foo': $x = 1; break; case 'bar': $x = 2; break; } if (isset($x)) { // Make sure it's always set. echo $x; } } Define a default value for the variable: function myFunction($a) { $x = ''; // Set a default which gets overridden for certain paths. switch ($a) { case 'foo': $x = 1; break; case 'bar': $x = 2; break; } echo $x; } Add a value for the missing path: function myFunction($a) { switch ($a) { case 'foo': $x = 1; break; case 'bar': $x = 2; break; // We add support for the missing case. default: $x = ''; break; } echo $x; } Loading history...
165		if ( empty( $existing_token ) \|\| $existing_token->secret !== $body_json->access_token ) {
166		self::authorize_user( $user->ID, $body_json->access_token );
167		}
168		}
169
170		return $body_json;
171		}
172
173		private static function authorize_user( $user_id, $access_token ) {
174		// authorize user and enable SSO
175		Jetpack::update_user_token( $user_id, sprintf( '%s.%d', $access_token, $user_id ), true );
176
177		/**
178		* Auto-enable SSO module for new Jetpack Start connections
179		*
180		* @since 5.0.0
181		*
182		* @param bool $enable_sso Whether to enable the SSO module. Default to true.
183		*/
184		$other_modules = apply_filters( 'jetpack_start_enable_sso', true )
185		? array( 'sso' )
186		: array();
187
188	View Code Duplication	if ( $active_modules = Jetpack_Options::get_option( 'active_modules' ) ) {
189		Jetpack::delete_active_modules();
190		Jetpack::activate_default_modules( 999, 1, array_merge( $active_modules, $other_modules ), false );
		0 ignored issues – show Documentation introduced 2017-10-19 23:58 UTC by Report Bug Copy Issue Report `999` is of type `integer`, but the function expects a `boolean`. It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { } $x = '123'; // string "123" // Instead of acceptsInteger($x); // we recommend to use acceptsInteger((integer) $x); Loading history...
191		} else {
192		Jetpack::activate_default_modules( false, false, $other_modules, false );
193		}
194		}
195
196		private static function verify_token( $access_token ) {
197		$request = array(
198		'headers' => array(
199		'Authorization' => "Bearer " . $access_token,
200		'Host' => defined( 'JETPACK__WPCOM_JSON_API_HOST_HEADER' ) ? JETPACK__WPCOM_JSON_API_HOST_HEADER : 'public-api.wordpress.com',
201		),
202		'timeout' => 10,
203		'method' => 'POST',
204		'body' => ''
205		);
206
207		$url = sprintf( 'https://%s/rest/v1.3/jpphp/partner-keys/verify', self::get_api_host() );
208		$result = Jetpack_Client::_wp_remote_request( $url, $request );
209
210		if ( is_wp_error( $result ) ) {
211		return $result;
212		}
213
214		$response_code = wp_remote_retrieve_response_code( $result );
215		$body_json = json_decode( wp_remote_retrieve_body( $result ) );
216
217	View Code Duplication	if( 200 !== $response_code ) {
218		if ( isset( $body_json->error ) ) {
219		return new WP_Error( $body_json->error, $body_json->message );
220		} else {
221		return new WP_Error( 'server_error', sprintf( __( "Request failed with code %s" ), $response_code ) );
222		}
223		}
224
225		return true;
226		}
227
228		private static function get_api_host() {
229		$env_api_host = getenv( 'JETPACK_START_API_HOST', true );
230		return $env_api_host ? $env_api_host : JETPACK__WPCOM_JSON_API_HOST;
231		}
232		}
233

Automattic / jetpack

Push — try/remote-provision ( 127020...f1bd34 )

Jetpack_Provision::authorize_user() A

Complexity

Size

Duplication

Importance

Available Fixes

Duplication Side-by-Side

Filter issues like