Jetpack_Client_Server::get_jetpack() - Code Metrics - Inspection of "Jetpack Client:" - Automattic/jetpack - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — add/nosara-tracks ( 79b50d...203c45 )

unknown

created 2016-01-06 21:01 UTC

Jetpack_Client_Server::get_jetpack() A

↳ Parent: Jetpack_Client_Server

Complexity

Conditions	1
Paths	1

Size

Total Lines	3
Code Lines	2

Duplication

Lines	0
Ratio	0 %

Metric	Value
dl	0
loc	3
rs	10
nc	1
cc	1
eloc	2
nop	0

<?php

/**
 * Client = Plugin
 * Client Server = API Methods the Plugin must respond to
 */
class Jetpack_Client_Server {

	function authorize() {
		$data = stripslashes_deep( $_GET );
		$redirect = isset( $data['redirect'] ) ? esc_url_raw( (string) $data['redirect'] ) : '';

		$jetpack_unique_connection = Jetpack_Options::get_option( 'unique_connection' );
		// Checking if site has been active/connected previously before recording unique connection
		if ( ! $jetpack_unique_connection ) {
			// jetpack_unique_connection option has never been set
			$jetpack_unique_connection = array(
				'connected'     => 0,
				'disconnected'  => 0,
				'version'       => '3.6.1'
			);

			update_option( 'jetpack_unique_connection', $jetpack_unique_connection );

			//track unique connection
			$jetpack = Jetpack::init();

			$jetpack->stat( 'connections', 'unique-connection' );
			$jetpack->do_stats( 'server_side' );
		}

		// increment number of times connected
		$jetpack_unique_connection['connected'] += 1;
		Jetpack_Options::update_option( 'unique_connection', $jetpack_unique_connection );

		do {
			$jetpack = $this->get_jetpack();
			$role = $jetpack->translate_current_user_to_role();

			if ( !$role ) {
				Jetpack::state( 'error', 'no_role' );
				break;
			}

			$cap = $jetpack->translate_role_to_cap( $role );
			if ( !$cap ) {
				Jetpack::state( 'error', 'no_cap' );
				break;
			}

			$this->check_admin_referer( "jetpack-authorize_{$role}_{$redirect}" );

			if ( !empty( $data['error'] ) ) {
				Jetpack::state( 'error', $data['error'] );
				break;
			}

			if ( empty( $data['state'] ) ) {
				Jetpack::state( 'error', 'no_state' );
				break;
			}

			if ( !ctype_digit( $data['state'] ) ) {
				Jetpack::state( 'error', 'invalid_state' );
				break;
			}

			$current_user_id = get_current_user_id();
			if ( $current_user_id != $data['state'] ) {
				Jetpack::state( 'error', 'wrong_state' );
				break;
			}

			if ( empty( $data['code'] ) ) {
				Jetpack::state( 'error', 'no_code' );
				break;
			}

			$token = $this->get_token( $data );

			if ( is_wp_error( $token ) ) {
				if ( $error = $token->get_error_code() )
					Jetpack::state( 'error', $error );
				else
					Jetpack::state( 'error', 'invalid_token' );

				Jetpack::state( 'error_description', $token->get_error_message() );

				break;
			}

			if ( !$token ) {
				Jetpack::state( 'error', 'no_token' );
				break;
			}

			$is_master_user = ! Jetpack::is_active();

			Jetpack::update_user_token( $current_user_id, sprintf( '%s.%d', $token, $current_user_id ), $is_master_user );


			if ( $is_master_user ) {
				Jetpack::state( 'message', 'authorized' );
			} else {
				Jetpack::state( 'message', 'linked' );
				// Don't activate anything since we are just connecting a user.
				break;
			}

			if ( $active_modules = Jetpack_Options::get_option( 'active_modules' ) ) {
				Jetpack_Options::delete_option( 'active_modules' );

				Jetpack::activate_default_modules( 999, 1, $active_modules );
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
			} else {
				Jetpack::activate_default_modules();
			}

			// Sync all registers options and constants
			/** This action is documented in class.jetpack.php */
			do_action( 'jetpack_sync_all_registered_options' );

			/**
			 * Fires after a user connects their site to WordPress.com
			 *
			 * @since 3.9
			 */
			do_action( 'jetpack_user_authorized' );

			// Start nonce cleaner
			wp_clear_scheduled_hook( 'jetpack_clean_nonces' );
			wp_schedule_event( time(), 'hourly', 'jetpack_clean_nonces' );
		} while ( false );

		if ( wp_validate_redirect( $redirect ) ) {
			$this->wp_safe_redirect( $redirect );
		} else {
			$this->wp_safe_redirect( Jetpack::admin_url() );
		}

		$this->do_exit();
	}

	public static function deactivate_plugin( $probable_file, $probable_title ) {
		include_once( ABSPATH . 'wp-admin/includes/plugin.php' );
		if ( is_plugin_active( $probable_file ) ) {
			deactivate_plugins( $probable_file );
			return 1;
		} else {
			// If the plugin is not in the usual place, try looking through all active plugins.
			$active_plugins = Jetpack::get_active_plugins();
			foreach ( $active_plugins as $plugin ) {
				$data = get_plugin_data( WP_PLUGIN_DIR . '/' . $plugin );
				if ( $data['Name'] == $probable_title ) {
					deactivate_plugins( $plugin );
					return 1;
				}
			}
		}

		return 0;
	}

	/**
	 * @return object|WP_Error
	 */
	function get_token( $data ) {
		$jetpack = $this->get_jetpack();
		$role = $jetpack->translate_current_user_to_role();

		if ( !$role ) {
			return new Jetpack_Error( 'role', __( 'An administrator for this blog must set up the Jetpack connection.', 'jetpack' ) );
		}

		$client_secret = Jetpack_Data::get_access_token();
		if ( !$client_secret ) {
			return new Jetpack_Error( 'client_secret', __( 'You need to register your Jetpack before connecting it.', 'jetpack' ) );
		}

		$redirect = isset( $data['redirect'] ) ? esc_url_raw( (string) $data['redirect'] ) : '';

		$body = array(
			'client_id' => Jetpack_Options::get_option( 'id' ),
			'client_secret' => $client_secret->secret,
			'grant_type' => 'authorization_code',
			'code' => $data['code'],
			'redirect_uri' => add_query_arg( array(
				'action' => 'authorize',
				'_wpnonce' => wp_create_nonce( "jetpack-authorize_{$role}_{$redirect}" ),
				'redirect' => $redirect ? urlencode( $redirect ) : false,
			), menu_page_url( 'jetpack', false ) ),
		);

		$args = array(
			'method' => 'POST',
			'body' => $body,
			'headers' => array(
				'Accept' => 'application/json',
			),
		);
		$response = Jetpack_Client::_wp_remote_request( Jetpack::fix_url_for_bad_hosts( Jetpack::api_url( 'token' ) ), $args );

		if ( is_wp_error( $response ) ) {
			return new Jetpack_Error( 'token_http_request_failed', $response->get_error_message() );
		}

		$code = wp_remote_retrieve_response_code( $response );
		$entity = wp_remote_retrieve_body( $response );

		if ( $entity )
			$json = json_decode( $entity );
		else
			$json = false;

		if ( 200 != $code || !empty( $json->error ) ) {
			if ( empty( $json->error ) )
				return new Jetpack_Error( 'unknown', '', $code );

			$error_description = isset( $json->error_description ) ? sprintf( __( 'Error Details: %s', 'jetpack' ), (string) $json->error_description ) : '';

			return new Jetpack_Error( (string) $json->error, $error_description, $code );
		}

		if ( empty( $json->access_token ) || !is_scalar( $json->access_token ) ) {
			return new Jetpack_Error( 'access_token', '', $code );
		}

		if ( empty( $json->token_type ) || 'X_JETPACK' != strtoupper( $json->token_type ) ) {
			return new Jetpack_Error( 'token_type', '', $code );
		}

		if ( empty( $json->scope ) ) {
			return new Jetpack_Error( 'scope', 'No Scope', $code );
		}
		@list( $role, $hmac ) = explode( ':', $json->scope );
// For example instead of
@mkdir($dir);

// Better use
if (@mkdir($dir) === false) {
    throw new \RuntimeException('The directory '.$dir.' could not be created.');
}
		if ( empty( $role ) || empty( $hmac ) ) {
			return new Jetpack_Error( 'scope', 'Malformed Scope', $code );
		}
		if ( $jetpack->sign_role( $role ) !== $json->scope ) {
			return new Jetpack_Error( 'scope', 'Invalid Scope', $code );
		}

		if ( !$cap = $jetpack->translate_role_to_cap( $role ) )
			return new Jetpack_Error( 'scope', 'No Cap', $code );
		if ( !current_user_can( $cap ) )
			return new Jetpack_Error( 'scope', 'current_user_cannot', $code );

		return (string) $json->access_token;
	}

	public function get_jetpack() {
		return Jetpack::init();
	}

	public function check_admin_referer( $action ) {
		return check_admin_referer( $action );
	}

	public function wp_safe_redirect( $redirect ) {
		return wp_safe_redirect( $redirect );
	}

	public function do_exit() {
		exit;

	}

}


1			<?php
2
3			/**
4			* Client = Plugin
5			* Client Server = API Methods the Plugin must respond to
6			*/
7			class Jetpack_Client_Server {
8
9			function authorize() {
10			$data = stripslashes_deep( $_GET );
11			$redirect = isset( $data['redirect'] ) ? esc_url_raw( (string) $data['redirect'] ) : '';
12
13			$jetpack_unique_connection = Jetpack_Options::get_option( 'unique_connection' );
14			// Checking if site has been active/connected previously before recording unique connection
15			if ( ! $jetpack_unique_connection ) {
16			// jetpack_unique_connection option has never been set
17			$jetpack_unique_connection = array(
18			'connected' => 0,
19			'disconnected' => 0,
20			'version' => '3.6.1'
21			);
22
23			update_option( 'jetpack_unique_connection', $jetpack_unique_connection );
24
25			//track unique connection
26			$jetpack = Jetpack::init();
27
28			$jetpack->stat( 'connections', 'unique-connection' );
29			$jetpack->do_stats( 'server_side' );
30			}
31
32			// increment number of times connected
33			$jetpack_unique_connection['connected'] += 1;
34			Jetpack_Options::update_option( 'unique_connection', $jetpack_unique_connection );
35
36			do {
37			$jetpack = $this->get_jetpack();
38			$role = $jetpack->translate_current_user_to_role();
39
40			if ( !$role ) {
41			Jetpack::state( 'error', 'no_role' );
42			break;
43			}
44
45			$cap = $jetpack->translate_role_to_cap( $role );
46			if ( !$cap ) {
47			Jetpack::state( 'error', 'no_cap' );
48			break;
49			}
50
51			$this->check_admin_referer( "jetpack-authorize_{$role}_{$redirect}" );
52
53			if ( !empty( $data['error'] ) ) {
54			Jetpack::state( 'error', $data['error'] );
55			break;
56			}
57
58			if ( empty( $data['state'] ) ) {
59			Jetpack::state( 'error', 'no_state' );
60			break;
61			}
62
63			if ( !ctype_digit( $data['state'] ) ) {
64			Jetpack::state( 'error', 'invalid_state' );
65			break;
66			}
67
68			$current_user_id = get_current_user_id();
69			if ( $current_user_id != $data['state'] ) {
70			Jetpack::state( 'error', 'wrong_state' );
71			break;
72			}
73
74			if ( empty( $data['code'] ) ) {
75			Jetpack::state( 'error', 'no_code' );
76			break;
77			}
78
79			$token = $this->get_token( $data );
80
81			if ( is_wp_error( $token ) ) {
82			if ( $error = $token->get_error_code() )
83			Jetpack::state( 'error', $error );
84			else
85			Jetpack::state( 'error', 'invalid_token' );
86
87			Jetpack::state( 'error_description', $token->get_error_message() );
88
89			break;
90			}
91
92			if ( !$token ) {
93			Jetpack::state( 'error', 'no_token' );
94			break;
95			}
96
97			$is_master_user = ! Jetpack::is_active();
98
99			Jetpack::update_user_token( $current_user_id, sprintf( '%s.%d', $token, $current_user_id ), $is_master_user );
100
101
102			if ( $is_master_user ) {
103			Jetpack::state( 'message', 'authorized' );
104			} else {
105			Jetpack::state( 'message', 'linked' );
106			// Don't activate anything since we are just connecting a user.
107			break;
108			}
109
110			if ( $active_modules = Jetpack_Options::get_option( 'active_modules' ) ) {
111			Jetpack_Options::delete_option( 'active_modules' );
112
113			Jetpack::activate_default_modules( 999, 1, $active_modules );
			0 ignored issues – show Documentation introduced 2015-11-20 23:03 UTC by Report Bug Copy Issue Report `999` is of type `integer`, but the function expects a `boolean`. It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { } $x = '123'; // string "123" // Instead of acceptsInteger($x); // we recommend to use acceptsInteger((integer) $x); Loading history... Documentation introduced 2015-11-20 23:03 UTC by Report Bug Copy Issue Report `1` is of type `integer`, but the function expects a `boolean`. It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { } $x = '123'; // string "123" // Instead of acceptsInteger($x); // we recommend to use acceptsInteger((integer) $x); Loading history...
114			} else {
115			Jetpack::activate_default_modules();
116			}
117
118			// Sync all registers options and constants
119			/** This action is documented in class.jetpack.php */
120			do_action( 'jetpack_sync_all_registered_options' );
121
122			/**
123			* Fires after a user connects their site to WordPress.com
124			*
125			* @since 3.9
126			*/
127			do_action( 'jetpack_user_authorized' );
128
129			// Start nonce cleaner
130			wp_clear_scheduled_hook( 'jetpack_clean_nonces' );
131			wp_schedule_event( time(), 'hourly', 'jetpack_clean_nonces' );
132			} while ( false );
133
134			if ( wp_validate_redirect( $redirect ) ) {
135			$this->wp_safe_redirect( $redirect );
136			} else {
137			$this->wp_safe_redirect( Jetpack::admin_url() );
138			}
139
140			$this->do_exit();
141			}
142
143			public static function deactivate_plugin( $probable_file, $probable_title ) {
144			include_once( ABSPATH . 'wp-admin/includes/plugin.php' );
145			if ( is_plugin_active( $probable_file ) ) {
146			deactivate_plugins( $probable_file );
147			return 1;
148			} else {
149			// If the plugin is not in the usual place, try looking through all active plugins.
150			$active_plugins = Jetpack::get_active_plugins();
151			foreach ( $active_plugins as $plugin ) {
152			$data = get_plugin_data( WP_PLUGIN_DIR . '/' . $plugin );
153			if ( $data['Name'] == $probable_title ) {
154			deactivate_plugins( $plugin );
155			return 1;
156			}
157			}
158			}
159
160			return 0;
161			}
162
163			/**
164			* @return object\|WP_Error
165			*/
166			function get_token( $data ) {
167			$jetpack = $this->get_jetpack();
168			$role = $jetpack->translate_current_user_to_role();
169
170			if ( !$role ) {
171			return new Jetpack_Error( 'role', __( 'An administrator for this blog must set up the Jetpack connection.', 'jetpack' ) );
172			}
173
174			$client_secret = Jetpack_Data::get_access_token();
175			if ( !$client_secret ) {
176			return new Jetpack_Error( 'client_secret', __( 'You need to register your Jetpack before connecting it.', 'jetpack' ) );
177			}
178
179			$redirect = isset( $data['redirect'] ) ? esc_url_raw( (string) $data['redirect'] ) : '';
180
181			$body = array(
182			'client_id' => Jetpack_Options::get_option( 'id' ),
183			'client_secret' => $client_secret->secret,
184			'grant_type' => 'authorization_code',
185			'code' => $data['code'],
186			'redirect_uri' => add_query_arg( array(
187			'action' => 'authorize',
188			'_wpnonce' => wp_create_nonce( "jetpack-authorize_{$role}_{$redirect}" ),
189			'redirect' => $redirect ? urlencode( $redirect ) : false,
190			), menu_page_url( 'jetpack', false ) ),
191			);
192
193			$args = array(
194			'method' => 'POST',
195			'body' => $body,
196			'headers' => array(
197			'Accept' => 'application/json',
198			),
199			);
200			$response = Jetpack_Client::_wp_remote_request( Jetpack::fix_url_for_bad_hosts( Jetpack::api_url( 'token' ) ), $args );
201
202			if ( is_wp_error( $response ) ) {
203			return new Jetpack_Error( 'token_http_request_failed', $response->get_error_message() );
204			}
205
206			$code = wp_remote_retrieve_response_code( $response );
207			$entity = wp_remote_retrieve_body( $response );
208
209			if ( $entity )
210			$json = json_decode( $entity );
211			else
212			$json = false;
213
214			if ( 200 != $code \|\| !empty( $json->error ) ) {
215			if ( empty( $json->error ) )
216			return new Jetpack_Error( 'unknown', '', $code );
217
218			$error_description = isset( $json->error_description ) ? sprintf( __( 'Error Details: %s', 'jetpack' ), (string) $json->error_description ) : '';
219
220			return new Jetpack_Error( (string) $json->error, $error_description, $code );
221			}
222
223			if ( empty( $json->access_token ) \|\| !is_scalar( $json->access_token ) ) {
224			return new Jetpack_Error( 'access_token', '', $code );
225			}
226
227			if ( empty( $json->token_type ) \|\| 'X_JETPACK' != strtoupper( $json->token_type ) ) {
228			return new Jetpack_Error( 'token_type', '', $code );
229			}
230
231			if ( empty( $json->scope ) ) {
232			return new Jetpack_Error( 'scope', 'No Scope', $code );
233			}
234			@list( $role, $hmac ) = explode( ':', $json->scope );
			0 ignored issues – show Security Best Practice introduced 2015-11-20 23:03 UTC by Report Bug Copy Issue Report It seems like you do not handle an error condition here. This can introduce security issues, and is generally not recommended. If you suppress an error, we recommend checking for the error condition explicitly: // For example instead of @mkdir($dir); // Better use if (@mkdir($dir) === false) { throw new \RuntimeException('The directory '.$dir.' could not be created.'); } Loading history...
235			if ( empty( $role ) \|\| empty( $hmac ) ) {
236			return new Jetpack_Error( 'scope', 'Malformed Scope', $code );
237			}
238			if ( $jetpack->sign_role( $role ) !== $json->scope ) {
239			return new Jetpack_Error( 'scope', 'Invalid Scope', $code );
240			}
241
242			if ( !$cap = $jetpack->translate_role_to_cap( $role ) )
243			return new Jetpack_Error( 'scope', 'No Cap', $code );
244			if ( !current_user_can( $cap ) )
245			return new Jetpack_Error( 'scope', 'current_user_cannot', $code );
246
247			return (string) $json->access_token;
248			}
249
250			public function get_jetpack() {
251			return Jetpack::init();
252			}
253
254			public function check_admin_referer( $action ) {
255			return check_admin_referer( $action );
256			}
257
258			public function wp_safe_redirect( $redirect ) {
259			return wp_safe_redirect( $redirect );
260			}
261
262			public function do_exit() {
263			exit;
			0 ignored issues – show Coding Style Compatibility introduced 2015-11-20 23:04 UTC by Report Bug Copy Issue Report The method `do_exit()` contains an exit expression. An exit expression should only be used in rare cases. For example, if you write a short command line script. In most cases however, using an `exit` expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage. Loading history...
264			}
265
266			}
267

Automattic / jetpack

Push — add/nosara-tracks ( 79b50d...203c45 )

Jetpack_Client_Server::get_jetpack() A

Complexity

Size

Duplication

Duplication Side-by-Side

Filter issues like