Completed
Push — add/connection-authentication-... ( 475286...e71eca )
by
unknown
06:26
created

Manager::get_authorization_url()   B

Complexity

Conditions 2
Paths 2

Size

Total Lines 86

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
cc 2
nc 2
nop 2
dl 0
loc 86
rs 8.3054
c 0
b 0
f 0

How to fix   Long Method   

Long Method

Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.

For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.

Commonly applied refactorings include:

1
<?php
2
/**
3
 * The Jetpack Connection manager class file.
4
 *
5
 * @package automattic/jetpack-connection
6
 */
7
8
namespace Automattic\Jetpack\Connection;
9
10
use Automattic\Jetpack\Constants;
11
use Automattic\Jetpack\Roles;
12
use Automattic\Jetpack\Tracking;
13
14
/**
15
 * The Jetpack Connection Manager class that is used as a single gateway between WordPress.com
16
 * and Jetpack.
17
 */
18
class Manager {
19
20
	const SECRETS_MISSING        = 'secrets_missing';
21
	const SECRETS_EXPIRED        = 'secrets_expired';
22
	const SECRETS_OPTION_NAME    = 'jetpack_secrets';
23
	const MAGIC_NORMAL_TOKEN_KEY = ';normal;';
24
	const JETPACK_MASTER_USER    = true;
25
26
	/**
27
	 * The procedure that should be run to generate secrets.
28
	 *
29
	 * @var Callable
30
	 */
31
	protected $secret_callable;
32
33
	/**
34
	 * A copy of the raw POST data for signature verification purposes.
35
	 *
36
	 * @var String
37
	 */
38
	protected $raw_post_data;
39
40
	/**
41
	 * Verification data needs to be stored to properly verify everything.
42
	 *
43
	 * @var Object
44
	 */
45
	private $xmlrpc_verification = null;
46
47
	/**
48
	 * Initializes required listeners. This is done separately from the constructors
49
	 * because some objects sometimes need to instantiate separate objects of this class.
50
	 *
51
	 * @todo Implement a proper nonce verification.
52
	 */
53
	public function init() {
54
		$this->setup_xmlrpc_handlers(
55
			$_GET, // phpcs:ignore WordPress.Security.NonceVerification.Recommended
56
			$this->is_active(),
57
			$this->verify_xml_rpc_signature()
0 ignored issues
show
Bug introduced by
It seems like $this->verify_xml_rpc_signature() targeting Automattic\Jetpack\Conne...ify_xml_rpc_signature() can also be of type array; however, Automattic\Jetpack\Conne...setup_xmlrpc_handlers() does only seem to accept boolean, maybe add an additional type check?

This check looks at variables that are passed out again to other methods.

If the outgoing method call has stricter type requirements than the method itself, an issue is raised.

An additional type check may prevent trouble.

Loading history...
58
		);
59
60
		if ( $this->is_active() ) {
61
			add_filter( 'xmlrpc_methods', array( $this, 'public_xmlrpc_methods' ) );
62
		} else {
63
			add_action( 'rest_api_init', array( $this, 'initialize_rest_api_registration_connector' ) );
64
		}
65
66
		add_action( 'jetpack_clean_nonces', array( $this, 'clean_nonces' ) );
67
		if ( ! wp_next_scheduled( 'jetpack_clean_nonces' ) ) {
68
			wp_schedule_event( time(), 'hourly', 'jetpack_clean_nonces' );
69
		}
70
	}
71
72
	/**
73
	 * Sets up the XMLRPC request handlers.
74
	 *
75
	 * @param Array                  $request_params incoming request parameters.
76
	 * @param Boolean                $is_active whether the connection is currently active.
77
	 * @param Boolean                $is_signed whether the signature check has been successful.
78
	 * @param \Jetpack_XMLRPC_Server $xmlrpc_server (optional) an instance of the server to use instead of instantiating a new one.
0 ignored issues
show
Documentation introduced by
Should the type for parameter $xmlrpc_server not be null|\Jetpack_XMLRPC_Server?

This check looks for @param annotations where the type inferred by our type inference engine differs from the declared type.

It makes a suggestion as to what type it considers more descriptive.

Most often this is a case of a parameter that can be null in addition to its declared types.

Loading history...
79
	 */
80
	public function setup_xmlrpc_handlers(
81
		$request_params,
82
		$is_active,
83
		$is_signed,
84
		\Jetpack_XMLRPC_Server $xmlrpc_server = null
85
	) {
86
		add_filter( 'xmlrpc_blog_options', array( $this, 'xmlrpc_options' ), 1000, 2 );
87
88
		if (
89
			! isset( $request_params['for'] )
90
			|| 'jetpack' !== $request_params['for']
91
		) {
92
			return false;
93
		}
94
95
		// Alternate XML-RPC, via ?for=jetpack&jetpack=comms.
96
		if (
97
			isset( $request_params['jetpack'] )
98
			&& 'comms' === $request_params['jetpack']
99
		) {
100
			if ( ! Constants::is_defined( 'XMLRPC_REQUEST' ) ) {
101
				// Use the real constant here for WordPress' sake.
102
				define( 'XMLRPC_REQUEST', true );
103
			}
104
105
			add_action( 'template_redirect', array( $this, 'alternate_xmlrpc' ) );
106
107
			add_filter( 'xmlrpc_methods', array( $this, 'remove_non_jetpack_xmlrpc_methods' ), 1000 );
108
		}
109
110
		if ( ! Constants::get_constant( 'XMLRPC_REQUEST' ) ) {
111
			return false;
112
		}
113
		// Display errors can cause the XML to be not well formed.
114
		@ini_set( 'display_errors', false ); // phpcs:ignore
0 ignored issues
show
Security Best Practice introduced by
It seems like you do not handle an error condition here. This can introduce security issues, and is generally not recommended.

If you suppress an error, we recommend checking for the error condition explicitly:

// For example instead of
@mkdir($dir);

// Better use
if (@mkdir($dir) === false) {
    throw new \RuntimeException('The directory '.$dir.' could not be created.');
}
Loading history...
115
116
		if ( $xmlrpc_server ) {
117
			$this->xmlrpc_server = $xmlrpc_server;
0 ignored issues
show
Bug introduced by
The property xmlrpc_server does not exist. Did you maybe forget to declare it?

In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code:

class MyClass { }

$x = new MyClass();
$x->foo = true;

Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion:

class MyClass {
    public $foo;
}

$x = new MyClass();
$x->foo = true;
Loading history...
118
		} else {
119
			$this->xmlrpc_server = new \Jetpack_XMLRPC_Server();
120
		}
121
122
		$this->require_jetpack_authentication();
123
124
		if ( $is_active ) {
125
			// Hack to preserve $HTTP_RAW_POST_DATA.
126
			add_filter( 'xmlrpc_methods', array( $this, 'xmlrpc_methods' ) );
127
128
			if ( $is_signed ) {
129
				// The actual API methods.
130
				add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'xmlrpc_methods' ) );
131
			} else {
132
				// The jetpack.authorize method should be available for unauthenticated users on a site with an
133
				// active Jetpack connection, so that additional users can link their account.
134
				add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'authorize_xmlrpc_methods' ) );
135
			}
136
		} else {
137
			// The bootstrap API methods.
138
			add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'bootstrap_xmlrpc_methods' ) );
139
140
			if ( $is_signed ) {
141
				// The jetpack Provision method is available for blog-token-signed requests.
142
				add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'provision_xmlrpc_methods' ) );
143
			} else {
144
				new XMLRPC_Connector( $this );
145
			}
146
		}
147
148
		// Now that no one can authenticate, and we're whitelisting all XML-RPC methods, force enable_xmlrpc on.
149
		add_filter( 'pre_option_enable_xmlrpc', '__return_true' );
150
		return true;
151
	}
152
153
	/**
154
	 * Initializes the REST API connector on the init hook.
155
	 */
156
	public function initialize_rest_api_registration_connector() {
157
		new REST_Connector( $this );
158
	}
159
160
	/**
161
	 * Since a lot of hosts use a hammer approach to "protecting" WordPress sites,
162
	 * and just blanket block all requests to /xmlrpc.php, or apply other overly-sensitive
163
	 * security/firewall policies, we provide our own alternate XML RPC API endpoint
164
	 * which is accessible via a different URI. Most of the below is copied directly
165
	 * from /xmlrpc.php so that we're replicating it as closely as possible.
166
	 *
167
	 * @todo Tighten $wp_xmlrpc_server_class a bit to make sure it doesn't do bad things.
168
	 */
169
	public function alternate_xmlrpc() {
170
		// phpcs:disable PHPCompatibility.Variables.RemovedPredefinedGlobalVariables.http_raw_post_dataDeprecatedRemoved
171
		// phpcs:disable WordPress.WP.GlobalVariablesOverride.Prohibited
172
		global $HTTP_RAW_POST_DATA;
173
174
		// Some browser-embedded clients send cookies. We don't want them.
175
		$_COOKIE = array();
176
177
		// A fix for mozBlog and other cases where '<?xml' isn't on the very first line.
178
		if ( isset( $HTTP_RAW_POST_DATA ) ) {
179
			$HTTP_RAW_POST_DATA = trim( $HTTP_RAW_POST_DATA );
180
		}
181
182
		// phpcs:enable
183
184
		include_once ABSPATH . 'wp-admin/includes/admin.php';
185
		include_once ABSPATH . WPINC . '/class-IXR.php';
186
		include_once ABSPATH . WPINC . '/class-wp-xmlrpc-server.php';
187
188
		/**
189
		 * Filters the class used for handling XML-RPC requests.
190
		 *
191
		 * @since 3.1.0
192
		 *
193
		 * @param string $class The name of the XML-RPC server class.
194
		 */
195
		$wp_xmlrpc_server_class = apply_filters( 'wp_xmlrpc_server_class', 'wp_xmlrpc_server' );
196
		$wp_xmlrpc_server       = new $wp_xmlrpc_server_class();
197
198
		// Fire off the request.
199
		nocache_headers();
200
		$wp_xmlrpc_server->serve_request();
201
202
		exit;
203
	}
204
205
	/**
206
	 * Removes all XML-RPC methods that are not `jetpack.*`.
207
	 * Only used in our alternate XML-RPC endpoint, where we want to
208
	 * ensure that Core and other plugins' methods are not exposed.
209
	 *
210
	 * @param array $methods a list of registered WordPress XMLRPC methods.
211
	 * @return array filtered $methods
212
	 */
213
	public function remove_non_jetpack_xmlrpc_methods( $methods ) {
214
		$jetpack_methods = array();
215
216
		foreach ( $methods as $method => $callback ) {
217
			if ( 0 === strpos( $method, 'jetpack.' ) ) {
218
				$jetpack_methods[ $method ] = $callback;
219
			}
220
		}
221
222
		return $jetpack_methods;
223
	}
224
225
	/**
226
	 * Removes all other authentication methods not to allow other
227
	 * methods to validate unauthenticated requests.
228
	 */
229
	public function require_jetpack_authentication() {
230
		// Don't let anyone authenticate.
231
		$_COOKIE = array();
232
		remove_all_filters( 'authenticate' );
233
		remove_all_actions( 'wp_login_failed' );
234
235
		if ( $this->is_active() ) {
236
			// Allow Jetpack authentication.
237
			add_filter( 'authenticate', array( $this, 'authenticate_jetpack' ), 10, 3 );
238
		}
239
	}
240
241
	/**
242
	 * Authenticates XML-RPC and other requests from the Jetpack Server
243
	 *
244
	 * @param WP_User|Mixed $user user object if authenticated.
245
	 * @param String        $username username.
246
	 * @param String        $password password string.
247
	 * @return WP_User|Mixed authenticated user or error.
248
	 */
249
	public function authenticate_jetpack( $user, $username, $password ) {
250
		if ( is_a( $user, '\\WP_User' ) ) {
251
			return $user;
252
		}
253
254
		$token_details = $this->verify_xml_rpc_signature();
255
256
		if ( ! $token_details ) {
257
			return $user;
258
		}
259
260
		if ( 'user' !== $token_details['type'] ) {
261
			return $user;
262
		}
263
264
		if ( ! $token_details['user_id'] ) {
265
			return $user;
266
		}
267
268
		nocache_headers();
269
270
		return new \WP_User( $token_details['user_id'] );
271
	}
272
273
	/**
274
	 * Verifies the signature of the current request.
275
	 *
276
	 * @return false|array
277
	 */
278
	public function verify_xml_rpc_signature() {
279
		if ( is_null( $this->xmlrpc_verification ) ) {
280
			$this->xmlrpc_verification = $this->internal_verify_xml_rpc_signature();
281
282
			if ( is_wp_error( $this->xmlrpc_verification ) ) {
283
				/**
284
				 * Action for logging XMLRPC signature verification errors. This data is sensitive.
285
				 *
286
				 * Error codes:
287
				 * - malformed_token
288
				 * - malformed_user_id
289
				 * - unknown_token
290
				 * - could_not_sign
291
				 * - invalid_nonce
292
				 * - signature_mismatch
293
				 *
294
				 * @since 7.5.0
295
				 *
296
				 * @param WP_Error $signature_verification_error The verification error
297
				 */
298
				do_action( 'jetpack_verify_signature_error', $this->xmlrpc_verification );
299
			}
300
		}
301
302
		return is_wp_error( $this->xmlrpc_verification ) ? false : $this->xmlrpc_verification;
303
	}
304
305
	/**
306
	 * Verifies the signature of the current request.
307
	 *
308
	 * This function has side effects and should not be used. Instead,
309
	 * use the memoized version `->verify_xml_rpc_signature()`.
310
	 *
311
	 * @internal
312
	 * @todo Refactor to use proper nonce verification.
313
	 */
314
	private function internal_verify_xml_rpc_signature() {
315
		// phpcs:disable WordPress.Security.NonceVerification.Recommended
316
		// It's not for us.
317
		if ( ! isset( $_GET['token'] ) || empty( $_GET['signature'] ) ) {
318
			return false;
319
		}
320
321
		$signature_details = array(
322
			'token'     => isset( $_GET['token'] ) ? wp_unslash( $_GET['token'] ) : '',
323
			'timestamp' => isset( $_GET['timestamp'] ) ? wp_unslash( $_GET['timestamp'] ) : '',
324
			'nonce'     => isset( $_GET['nonce'] ) ? wp_unslash( $_GET['nonce'] ) : '',
325
			'body_hash' => isset( $_GET['body-hash'] ) ? wp_unslash( $_GET['body-hash'] ) : '',
326
			'method'    => wp_unslash( $_SERVER['REQUEST_METHOD'] ),
327
			'url'       => wp_unslash( $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] ), // Temp - will get real signature URL later.
328
			'signature' => isset( $_GET['signature'] ) ? wp_unslash( $_GET['signature'] ) : '',
329
		);
330
331
		// phpcs:ignore WordPress.PHP.NoSilencedErrors.Discouraged
332
		@list( $token_key, $version, $user_id ) = explode( ':', wp_unslash( $_GET['token'] ) );
0 ignored issues
show
Security Best Practice introduced by
It seems like you do not handle an error condition here. This can introduce security issues, and is generally not recommended.

If you suppress an error, we recommend checking for the error condition explicitly:

// For example instead of
@mkdir($dir);

// Better use
if (@mkdir($dir) === false) {
    throw new \RuntimeException('The directory '.$dir.' could not be created.');
}
Loading history...
333
		// phpcs:enable WordPress.Security.NonceVerification.Recommended
334
335
		if (
336
			empty( $token_key )
337
		||
338
			empty( $version ) || strval( JETPACK__API_VERSION ) !== $version
339
		) {
340
			return new \WP_Error( 'malformed_token', 'Malformed token in request', compact( 'signature_details' ) );
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'malformed_token'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
341
		}
342
343
		if ( '0' === $user_id ) {
344
			$token_type = 'blog';
345
			$user_id    = 0;
346
		} else {
347
			$token_type = 'user';
348
			if ( empty( $user_id ) || ! ctype_digit( $user_id ) ) {
349
				return new \WP_Error(
350
					'malformed_user_id',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'malformed_user_id'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
351
					'Malformed user_id in request',
352
					compact( 'signature_details' )
353
				);
354
			}
355
			$user_id = (int) $user_id;
356
357
			$user = new \WP_User( $user_id );
358
			if ( ! $user || ! $user->exists() ) {
359
				return new \WP_Error(
360
					'unknown_user',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'unknown_user'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
361
					sprintf( 'User %d does not exist', $user_id ),
362
					compact( 'signature_details' )
363
				);
364
			}
365
		}
366
367
		$token = $this->get_access_token( $user_id, $token_key, false );
368
		if ( is_wp_error( $token ) ) {
369
			$token->add_data( compact( 'signature_details' ) );
370
			return $token;
371
		} elseif ( ! $token ) {
372
			return new \WP_Error(
373
				'unknown_token',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'unknown_token'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
374
				sprintf( 'Token %s:%s:%d does not exist', $token_key, $version, $user_id ),
375
				compact( 'signature_details' )
376
			);
377
		}
378
379
		$jetpack_signature = new \Jetpack_Signature( $token->secret, (int) \Jetpack_Options::get_option( 'time_diff' ) );
380
		// phpcs:disable WordPress.Security.NonceVerification.Missing
381
		if ( isset( $_POST['_jetpack_is_multipart'] ) ) {
382
			$post_data   = $_POST;
383
			$file_hashes = array();
384
			foreach ( $post_data as $post_data_key => $post_data_value ) {
385
				if ( 0 !== strpos( $post_data_key, '_jetpack_file_hmac_' ) ) {
386
					continue;
387
				}
388
				$post_data_key                 = substr( $post_data_key, strlen( '_jetpack_file_hmac_' ) );
389
				$file_hashes[ $post_data_key ] = $post_data_value;
390
			}
391
392
			foreach ( $file_hashes as $post_data_key => $post_data_value ) {
393
				unset( $post_data[ "_jetpack_file_hmac_{$post_data_key}" ] );
394
				$post_data[ $post_data_key ] = $post_data_value;
395
			}
396
397
			ksort( $post_data );
398
399
			$body = http_build_query( stripslashes_deep( $post_data ) );
400
		} elseif ( is_null( $this->raw_post_data ) ) {
401
			$body = file_get_contents( 'php://input' );
402
		} else {
403
			$body = null;
404
		}
405
		// phpcs:enable
406
407
		$signature = $jetpack_signature->sign_current_request(
408
			array( 'body' => is_null( $body ) ? $this->raw_post_data : $body )
409
		);
410
411
		$signature_details['url'] = $jetpack_signature->current_request_url;
412
413
		if ( ! $signature ) {
414
			return new \WP_Error(
415
				'could_not_sign',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'could_not_sign'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
416
				'Unknown signature error',
417
				compact( 'signature_details' )
418
			);
419
		} elseif ( is_wp_error( $signature ) ) {
420
			return $signature;
421
		}
422
423
		// phpcs:disable WordPress.Security.NonceVerification.Recommended
424
		$timestamp = (int) $_GET['timestamp'];
425
		$nonce     = stripslashes( (string) $_GET['nonce'] );
426
		// phpcs:enable WordPress.Security.NonceVerification.Recommended
427
428
		// Use up the nonce regardless of whether the signature matches.
429
		if ( ! $this->add_nonce( $timestamp, $nonce ) ) {
430
			return new \WP_Error(
431
				'invalid_nonce',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'invalid_nonce'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
432
				'Could not add nonce',
433
				compact( 'signature_details' )
434
			);
435
		}
436
437
		// Be careful about what you do with this debugging data.
438
		// If a malicious requester has access to the expected signature,
439
		// bad things might be possible.
440
		$signature_details['expected'] = $signature;
441
442
		// phpcs:ignore WordPress.Security.NonceVerification.Recommended
443
		if ( ! hash_equals( $signature, $_GET['signature'] ) ) {
444
			return new \WP_Error(
445
				'signature_mismatch',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'signature_mismatch'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
446
				'Signature mismatch',
447
				compact( 'signature_details' )
448
			);
449
		}
450
451
		/**
452
		 * Action for additional token checking.
453
		 *
454
		 * @since 7.7.0
455
		 *
456
		 * @param Array $post_data request data.
457
		 * @param Array $token_data token data.
458
		 */
459
		return apply_filters(
460
			'jetpack_signature_check_token',
461
			array(
462
				'type'      => $token_type,
463
				'token_key' => $token_key,
464
				'user_id'   => $token->external_user_id,
465
			),
466
			$token,
467
			$this->raw_post_data
468
		);
469
	}
470
471
	/**
472
	 * Returns true if the current site is connected to WordPress.com.
473
	 *
474
	 * @return Boolean is the site connected?
475
	 */
476
	public function is_active() {
477
		return (bool) $this->get_access_token( self::JETPACK_MASTER_USER );
0 ignored issues
show
Documentation introduced by
self::JETPACK_MASTER_USER is of type boolean, but the function expects a false|integer.

It seems like the type of the argument is not accepted by the function/method which you are calling.

In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.

We suggest to add an explicit type cast like in the following example:

function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
Loading history...
478
	}
479
480
	/**
481
	 * Returns true if the site has both a token and a blog id, which indicates a site has been registered.
482
	 *
483
	 * @access public
484
	 *
485
	 * @return bool
486
	 */
487
	public function is_registered() {
488
		$blog_id   = \Jetpack_Options::get_option( 'id' );
489
		$has_token = $this->is_active();
490
		return $blog_id && $has_token;
491
	}
492
493
	/**
494
	 * Checks to see if the connection owner of the site is missing.
495
	 *
496
	 * @return bool
497
	 */
498
	public function is_missing_connection_owner() {
499
		$connection_owner = $this->get_connection_owner_id();
500
		if ( ! get_user_by( 'id', $connection_owner ) ) {
501
			return true;
502
		}
503
504
		return false;
505
	}
506
507
	/**
508
	 * Returns true if the user with the specified identifier is connected to
509
	 * WordPress.com.
510
	 *
511
	 * @param Integer|Boolean $user_id the user identifier.
512
	 * @return Boolean is the user connected?
513
	 */
514
	public function is_user_connected( $user_id = false ) {
515
		$user_id = false === $user_id ? get_current_user_id() : absint( $user_id );
516
		if ( ! $user_id ) {
517
			return false;
518
		}
519
520
		return (bool) $this->get_access_token( $user_id );
521
	}
522
523
	/**
524
	 * Returns the local user ID of the connection owner.
525
	 *
526
	 * @return string|int Returns the ID of the connection owner or False if no connection owner found.
527
	 */
528 View Code Duplication
	public function get_connection_owner_id() {
529
		$user_token       = $this->get_access_token( JETPACK_MASTER_USER );
0 ignored issues
show
Documentation introduced by
JETPACK_MASTER_USER is of type boolean, but the function expects a false|integer.

It seems like the type of the argument is not accepted by the function/method which you are calling.

In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.

We suggest to add an explicit type cast like in the following example:

function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
Loading history...
530
		$connection_owner = false;
531
		if ( $user_token && is_object( $user_token ) && isset( $user_token->external_user_id ) ) {
532
			$connection_owner = $user_token->external_user_id;
533
		}
534
535
		return $connection_owner;
536
	}
537
538
	/**
539
	 * Returns an array of user_id's that have user tokens for communicating with wpcom.
540
	 * Able to select by specific capability.
541
	 *
542
	 * @param string $capability The capability of the user.
543
	 * @return array Array of WP_User objects if found.
544
	 */
545
	public function get_connected_users( $capability = 'any' ) {
546
		$connected_users    = array();
547
		$connected_user_ids = array_keys( \Jetpack_Options::get_option( 'user_tokens' ) );
548
549
		if ( ! empty( $connected_user_ids ) ) {
550
			foreach ( $connected_user_ids as $id ) {
551
				// Check for capability.
552
				if ( 'any' !== $capability && ! user_can( $id, $capability ) ) {
553
					continue;
554
				}
555
556
				$connected_users[] = get_userdata( $id );
557
			}
558
		}
559
560
		return $connected_users;
561
	}
562
563
	/**
564
	 * Get the wpcom user data of the current|specified connected user.
565
	 *
566
	 * @todo Refactor to properly load the XMLRPC client independently.
567
	 *
568
	 * @param Integer $user_id the user identifier.
0 ignored issues
show
Documentation introduced by
Should the type for parameter $user_id not be integer|null?

This check looks for @param annotations where the type inferred by our type inference engine differs from the declared type.

It makes a suggestion as to what type it considers more descriptive.

Most often this is a case of a parameter that can be null in addition to its declared types.

Loading history...
569
	 * @return Object the user object.
570
	 */
571 View Code Duplication
	public function get_connected_user_data( $user_id = null ) {
572
		if ( ! $user_id ) {
0 ignored issues
show
Bug Best Practice introduced by
The expression $user_id of type integer|null is loosely compared to false; this is ambiguous if the integer can be zero. You might want to explicitly use === null instead.

In PHP, under loose comparison (like ==, or !=, or switch conditions), values of different types might be equal.

For integer values, zero is a special case, in particular the following results might be unexpected:

0   == false // true
0   == null  // true
123 == false // false
123 == null  // false

// It is often better to use strict comparison
0 === false // false
0 === null  // false
Loading history...
573
			$user_id = get_current_user_id();
574
		}
575
576
		$transient_key    = "jetpack_connected_user_data_$user_id";
577
		$cached_user_data = get_transient( $transient_key );
578
579
		if ( $cached_user_data ) {
580
			return $cached_user_data;
581
		}
582
583
		$xml = new \Jetpack_IXR_Client(
584
			array(
585
				'user_id' => $user_id,
586
			)
587
		);
588
		$xml->query( 'wpcom.getUser' );
589
		if ( ! $xml->isError() ) {
590
			$user_data = $xml->getResponse();
591
			set_transient( $transient_key, $xml->getResponse(), DAY_IN_SECONDS );
592
			return $user_data;
593
		}
594
595
		return false;
596
	}
597
598
	/**
599
	 * Returns a user object of the connection owner.
600
	 *
601
	 * @return object|false False if no connection owner found.
602
	 */
603 View Code Duplication
	public function get_connection_owner() {
604
		$user_token = $this->get_access_token( JETPACK_MASTER_USER );
0 ignored issues
show
Documentation introduced by
JETPACK_MASTER_USER is of type boolean, but the function expects a false|integer.

It seems like the type of the argument is not accepted by the function/method which you are calling.

In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.

We suggest to add an explicit type cast like in the following example:

function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
Loading history...
605
606
		$connection_owner = false;
607
		if ( $user_token && is_object( $user_token ) && isset( $user_token->external_user_id ) ) {
608
			$connection_owner = get_userdata( $user_token->external_user_id );
609
		}
610
611
		return $connection_owner;
612
	}
613
614
	/**
615
	 * Returns true if the provided user is the Jetpack connection owner.
616
	 * If user ID is not specified, the current user will be used.
617
	 *
618
	 * @param Integer|Boolean $user_id the user identifier. False for current user.
619
	 * @return Boolean True the user the connection owner, false otherwise.
620
	 */
621 View Code Duplication
	public function is_connection_owner( $user_id = false ) {
622
		if ( ! $user_id ) {
623
			$user_id = get_current_user_id();
624
		}
625
626
		$user_token = $this->get_access_token( JETPACK_MASTER_USER );
0 ignored issues
show
Documentation introduced by
JETPACK_MASTER_USER is of type boolean, but the function expects a false|integer.

It seems like the type of the argument is not accepted by the function/method which you are calling.

In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.

We suggest to add an explicit type cast like in the following example:

function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
Loading history...
627
628
		return $user_token && is_object( $user_token ) && isset( $user_token->external_user_id ) && $user_id === $user_token->external_user_id;
629
	}
630
631
	/**
632
	 * Connects the user with a specified ID to a WordPress.com user using the
633
	 * remote login flow.
634
	 *
635
	 * @access public
636
	 *
637
	 * @param Integer $user_id the user identifier.
0 ignored issues
show
Documentation introduced by
Should the type for parameter $user_id not be integer|null?

This check looks for @param annotations where the type inferred by our type inference engine differs from the declared type.

It makes a suggestion as to what type it considers more descriptive.

Most often this is a case of a parameter that can be null in addition to its declared types.

Loading history...
638
	 */
639
	public function connect_user( $user_id = null ) {
640
		wp_redirect( $this->api_url( 'authenticate' ) );
641
	}
642
643
	/**
644
	 * Unlinks the current user from the linked WordPress.com user.
645
	 *
646
	 * @access public
647
	 * @static
648
	 *
649
	 * @todo Refactor to properly load the XMLRPC client independently.
650
	 *
651
	 * @param Integer $user_id the user identifier.
0 ignored issues
show
Documentation introduced by
Should the type for parameter $user_id not be integer|null?

This check looks for @param annotations where the type inferred by our type inference engine differs from the declared type.

It makes a suggestion as to what type it considers more descriptive.

Most often this is a case of a parameter that can be null in addition to its declared types.

Loading history...
652
	 * @return Boolean Whether the disconnection of the user was successful.
653
	 */
654
	public static function disconnect_user( $user_id = null ) {
655
		$tokens = \Jetpack_Options::get_option( 'user_tokens' );
656
		if ( ! $tokens ) {
657
			return false;
658
		}
659
660
		$user_id = empty( $user_id ) ? get_current_user_id() : intval( $user_id );
661
662
		if ( \Jetpack_Options::get_option( 'master_user' ) === $user_id ) {
663
			return false;
664
		}
665
666
		if ( ! isset( $tokens[ $user_id ] ) ) {
667
			return false;
668
		}
669
670
		$xml = new \Jetpack_IXR_Client( compact( 'user_id' ) );
671
		$xml->query( 'jetpack.unlink_user', $user_id );
672
673
		unset( $tokens[ $user_id ] );
674
675
		\Jetpack_Options::update_option( 'user_tokens', $tokens );
676
677
		/**
678
		 * Fires after the current user has been unlinked from WordPress.com.
679
		 *
680
		 * @since 4.1.0
681
		 *
682
		 * @param int $user_id The current user's ID.
683
		 */
684
		do_action( 'jetpack_unlinked_user', $user_id );
685
686
		return true;
687
	}
688
689
	/**
690
	 * Returns the requested Jetpack API URL.
691
	 *
692
	 * @param String $relative_url the relative API path.
693
	 * @return String API URL.
694
	 */
695
	public function api_url( $relative_url ) {
696
		$api_base = Constants::get_constant( 'JETPACK__API_BASE' );
697
		$version  = Constants::get_constant( 'JETPACK__API_VERSION' );
698
699
		$api_base = $api_base ? $api_base : 'https://jetpack.wordpress.com/jetpack.';
700
		$version  = $version ? '/' . $version . '/' : '/1/';
701
702
		/**
703
		 * Filters the API URL that Jetpack uses for server communication.
704
		 *
705
		 * @since 8.0.0
706
		 *
707
		 * @param String $url the generated URL.
708
		 * @param String $relative_url the relative URL that was passed as an argument.
709
		 * @param String $api_base the API base string that is being used.
710
		 * @param String $version the version string that is being used.
711
		 */
712
		return apply_filters(
713
			'jetpack_api_url',
714
			rtrim( $api_base . $relative_url, '/\\' ) . $version,
715
			$relative_url,
716
			$api_base,
717
			$version
718
		);
719
	}
720
721
	/**
722
	 * Attempts Jetpack registration which sets up the site for connection. Should
723
	 * remain public because the call to action comes from the current site, not from
724
	 * WordPress.com.
725
	 *
726
	 * @param String $api_endpoint (optional) an API endpoint to use, defaults to 'register'.
727
	 * @return Integer zero on success, or a bitmask on failure.
728
	 */
729
	public function register( $api_endpoint = 'register' ) {
730
		add_action( 'pre_update_jetpack_option_register', array( '\\Jetpack_Options', 'delete_option' ) );
731
		$secrets = $this->generate_secrets( 'register', get_current_user_id(), 600 );
732
733
		if (
734
			empty( $secrets['secret_1'] ) ||
735
			empty( $secrets['secret_2'] ) ||
736
			empty( $secrets['exp'] )
737
		) {
738
			return new \WP_Error( 'missing_secrets' );
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'missing_secrets'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
739
		}
740
741
		// Better to try (and fail) to set a higher timeout than this system
742
		// supports than to have register fail for more users than it should.
743
		$timeout = $this->set_min_time_limit( 60 ) / 2;
744
745
		$gmt_offset = get_option( 'gmt_offset' );
746
		if ( ! $gmt_offset ) {
747
			$gmt_offset = 0;
748
		}
749
750
		$stats_options = get_option( 'stats_options' );
751
		$stats_id      = isset( $stats_options['blog_id'] )
752
			? $stats_options['blog_id']
753
			: null;
754
755
		/**
756
		 * Filters the request body for additional property addition.
757
		 *
758
		 * @since 7.7.0
759
		 *
760
		 * @param Array $post_data request data.
761
		 * @param Array $token_data token data.
762
		 */
763
		$body = apply_filters(
764
			'jetpack_register_request_body',
765
			array(
766
				'siteurl'         => site_url(),
767
				'home'            => home_url(),
768
				'gmt_offset'      => $gmt_offset,
769
				'timezone_string' => (string) get_option( 'timezone_string' ),
770
				'site_name'       => (string) get_option( 'blogname' ),
771
				'secret_1'        => $secrets['secret_1'],
772
				'secret_2'        => $secrets['secret_2'],
773
				'site_lang'       => get_locale(),
774
				'timeout'         => $timeout,
775
				'stats_id'        => $stats_id,
776
				'state'           => get_current_user_id(),
777
				'site_created'    => $this->get_assumed_site_creation_date(),
778
				'jetpack_version' => Constants::get_constant( 'JETPACK__VERSION' ),
779
			)
780
		);
781
782
		$args = array(
783
			'method'  => 'POST',
784
			'body'    => $body,
785
			'headers' => array(
786
				'Accept' => 'application/json',
787
			),
788
			'timeout' => $timeout,
789
		);
790
791
		$args['body'] = $this->apply_activation_source_to_args( $args['body'] );
792
793
		// TODO: fix URLs for bad hosts.
794
		$response = Client::_wp_remote_request(
795
			$this->api_url( $api_endpoint ),
796
			$args,
797
			true
798
		);
799
800
		// Make sure the response is valid and does not contain any Jetpack errors.
801
		$registration_details = $this->validate_remote_register_response( $response );
802
803
		if ( is_wp_error( $registration_details ) ) {
804
			return $registration_details;
805
		} elseif ( ! $registration_details ) {
806
			return new \WP_Error(
807
				'unknown_error',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'unknown_error'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
808
				'Unknown error registering your Jetpack site.',
809
				wp_remote_retrieve_response_code( $response )
810
			);
811
		}
812
813
		if ( empty( $registration_details->jetpack_secret ) || ! is_string( $registration_details->jetpack_secret ) ) {
814
			return new \WP_Error(
815
				'jetpack_secret',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'jetpack_secret'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
816
				'Unable to validate registration of your Jetpack site.',
817
				wp_remote_retrieve_response_code( $response )
818
			);
819
		}
820
821
		if ( isset( $registration_details->jetpack_public ) ) {
822
			$jetpack_public = (int) $registration_details->jetpack_public;
823
		} else {
824
			$jetpack_public = false;
825
		}
826
827
		\Jetpack_Options::update_options(
828
			array(
829
				'id'         => (int) $registration_details->jetpack_id,
830
				'blog_token' => (string) $registration_details->jetpack_secret,
831
				'public'     => $jetpack_public,
832
			)
833
		);
834
835
		/**
836
		 * Fires when a site is registered on WordPress.com.
837
		 *
838
		 * @since 3.7.0
839
		 *
840
		 * @param int $json->jetpack_id Jetpack Blog ID.
841
		 * @param string $json->jetpack_secret Jetpack Blog Token.
842
		 * @param int|bool $jetpack_public Is the site public.
843
		 */
844
		do_action(
845
			'jetpack_site_registered',
846
			$registration_details->jetpack_id,
847
			$registration_details->jetpack_secret,
848
			$jetpack_public
849
		);
850
851
		if ( isset( $registration_details->token ) ) {
852
			/**
853
			 * Fires when a user token is sent along with the registration data.
854
			 *
855
			 * @since 7.6.0
856
			 *
857
			 * @param object $token the administrator token for the newly registered site.
858
			 */
859
			do_action( 'jetpack_site_registered_user_token', $registration_details->token );
860
		}
861
862
		return true;
863
	}
864
865
	/**
866
	 * Takes the response from the Jetpack register new site endpoint and
867
	 * verifies it worked properly.
868
	 *
869
	 * @since 2.6
870
	 *
871
	 * @param Mixed $response the response object, or the error object.
872
	 * @return string|WP_Error A JSON object on success or Jetpack_Error on failures
873
	 **/
874
	protected function validate_remote_register_response( $response ) {
875
		if ( is_wp_error( $response ) ) {
876
			return new \WP_Error(
877
				'register_http_request_failed',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'register_http_request_failed'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
878
				$response->get_error_message()
879
			);
880
		}
881
882
		$code   = wp_remote_retrieve_response_code( $response );
883
		$entity = wp_remote_retrieve_body( $response );
884
885
		if ( $entity ) {
886
			$registration_response = json_decode( $entity );
887
		} else {
888
			$registration_response = false;
889
		}
890
891
		$code_type = intval( $code / 100 );
892
		if ( 5 === $code_type ) {
893
			return new \WP_Error( 'wpcom_5??', $code );
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'wpcom_5??'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
894
		} elseif ( 408 === $code ) {
895
			return new \WP_Error( 'wpcom_408', $code );
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'wpcom_408'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
896
		} elseif ( ! empty( $registration_response->error ) ) {
897
			if (
898
				'xml_rpc-32700' === $registration_response->error
899
				&& ! function_exists( 'xml_parser_create' )
900
			) {
901
				$error_description = __( "PHP's XML extension is not available. Jetpack requires the XML extension to communicate with WordPress.com. Please contact your hosting provider to enable PHP's XML extension.", 'jetpack' );
902
			} else {
903
				$error_description = isset( $registration_response->error_description )
904
					? (string) $registration_response->error_description
905
					: '';
906
			}
907
908
			return new \WP_Error(
909
				(string) $registration_response->error,
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with (string) $registration_response->error.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
910
				$error_description,
911
				$code
912
			);
913
		} elseif ( 200 !== $code ) {
914
			return new \WP_Error( 'wpcom_bad_response', $code );
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'wpcom_bad_response'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
915
		}
916
917
		// Jetpack ID error block.
918
		if ( empty( $registration_response->jetpack_id ) ) {
919
			return new \WP_Error(
920
				'jetpack_id',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'jetpack_id'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
921
				/* translators: %s is an error message string */
922
				sprintf( __( 'Error Details: Jetpack ID is empty. Do not publicly post this error message! %s', 'jetpack' ), $entity ),
923
				$entity
924
			);
925
		} elseif ( ! is_scalar( $registration_response->jetpack_id ) ) {
926
			return new \WP_Error(
927
				'jetpack_id',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'jetpack_id'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
928
				/* translators: %s is an error message string */
929
				sprintf( __( 'Error Details: Jetpack ID is not a scalar. Do not publicly post this error message! %s', 'jetpack' ), $entity ),
930
				$entity
931
			);
932 View Code Duplication
		} elseif ( preg_match( '/[^0-9]/', $registration_response->jetpack_id ) ) {
933
			return new \WP_Error(
934
				'jetpack_id',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'jetpack_id'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
935
				/* translators: %s is an error message string */
936
				sprintf( __( 'Error Details: Jetpack ID begins with a numeral. Do not publicly post this error message! %s', 'jetpack' ), $entity ),
937
				$entity
938
			);
939
		}
940
941
		return $registration_response;
942
	}
943
944
	/**
945
	 * Adds a used nonce to a list of known nonces.
946
	 *
947
	 * @param int    $timestamp the current request timestamp.
948
	 * @param string $nonce the nonce value.
949
	 * @return bool whether the nonce is unique or not.
950
	 */
951
	public function add_nonce( $timestamp, $nonce ) {
952
		global $wpdb;
953
		static $nonces_used_this_request = array();
954
955
		if ( isset( $nonces_used_this_request[ "$timestamp:$nonce" ] ) ) {
956
			return $nonces_used_this_request[ "$timestamp:$nonce" ];
957
		}
958
959
		// This should always have gone through Jetpack_Signature::sign_request() first to check $timestamp an $nonce.
960
		$timestamp = (int) $timestamp;
961
		$nonce     = esc_sql( $nonce );
962
963
		// Raw query so we can avoid races: add_option will also update.
964
		$show_errors = $wpdb->show_errors( false );
965
966
		$old_nonce = $wpdb->get_row(
967
			$wpdb->prepare( "SELECT * FROM `$wpdb->options` WHERE option_name = %s", "jetpack_nonce_{$timestamp}_{$nonce}" )
968
		);
969
970
		if ( is_null( $old_nonce ) ) {
971
			$return = $wpdb->query(
972
				$wpdb->prepare(
973
					"INSERT INTO `$wpdb->options` (`option_name`, `option_value`, `autoload`) VALUES (%s, %s, %s)",
974
					"jetpack_nonce_{$timestamp}_{$nonce}",
975
					time(),
976
					'no'
977
				)
978
			);
979
		} else {
980
			$return = false;
981
		}
982
983
		$wpdb->show_errors( $show_errors );
984
985
		$nonces_used_this_request[ "$timestamp:$nonce" ] = $return;
986
987
		return $return;
988
	}
989
990
	/**
991
	 * Cleans nonces that were saved when calling ::add_nonce.
992
	 *
993
	 * @todo Properly prepare the query before executing it.
994
	 *
995
	 * @param bool $all whether to clean even non-expired nonces.
996
	 */
997
	public function clean_nonces( $all = false ) {
998
		global $wpdb;
999
1000
		$sql      = "DELETE FROM `$wpdb->options` WHERE `option_name` LIKE %s";
1001
		$sql_args = array( $wpdb->esc_like( 'jetpack_nonce_' ) . '%' );
1002
1003
		if ( true !== $all ) {
1004
			$sql       .= ' AND CAST( `option_value` AS UNSIGNED ) < %d';
1005
			$sql_args[] = time() - 3600;
1006
		}
1007
1008
		$sql .= ' ORDER BY `option_id` LIMIT 100';
1009
1010
		$sql = $wpdb->prepare( $sql, $sql_args ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
1011
1012
		for ( $i = 0; $i < 1000; $i++ ) {
1013
			if ( ! $wpdb->query( $sql ) ) { // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
1014
				break;
1015
			}
1016
		}
1017
	}
1018
1019
	/**
1020
	 * Builds the timeout limit for queries talking with the wpcom servers.
1021
	 *
1022
	 * Based on local php max_execution_time in php.ini
1023
	 *
1024
	 * @since 5.4
1025
	 * @return int
1026
	 **/
1027
	public function get_max_execution_time() {
1028
		$timeout = (int) ini_get( 'max_execution_time' );
1029
1030
		// Ensure exec time set in php.ini.
1031
		if ( ! $timeout ) {
1032
			$timeout = 30;
1033
		}
1034
		return $timeout;
1035
	}
1036
1037
	/**
1038
	 * Sets a minimum request timeout, and returns the current timeout
1039
	 *
1040
	 * @since 5.4
1041
	 * @param Integer $min_timeout the minimum timeout value.
1042
	 **/
1043 View Code Duplication
	public function set_min_time_limit( $min_timeout ) {
1044
		$timeout = $this->get_max_execution_time();
1045
		if ( $timeout < $min_timeout ) {
1046
			$timeout = $min_timeout;
1047
			set_time_limit( $timeout );
1048
		}
1049
		return $timeout;
1050
	}
1051
1052
	/**
1053
	 * Get our assumed site creation date.
1054
	 * Calculated based on the earlier date of either:
1055
	 * - Earliest admin user registration date.
1056
	 * - Earliest date of post of any post type.
1057
	 *
1058
	 * @since 7.2.0
1059
	 *
1060
	 * @return string Assumed site creation date and time.
1061
	 */
1062
	public function get_assumed_site_creation_date() {
1063
		$cached_date = get_transient( 'jetpack_assumed_site_creation_date' );
1064
		if ( ! empty( $cached_date ) ) {
1065
			return $cached_date;
1066
		}
1067
1068
		$earliest_registered_users  = get_users(
1069
			array(
1070
				'role'    => 'administrator',
1071
				'orderby' => 'user_registered',
1072
				'order'   => 'ASC',
1073
				'fields'  => array( 'user_registered' ),
1074
				'number'  => 1,
1075
			)
1076
		);
1077
		$earliest_registration_date = $earliest_registered_users[0]->user_registered;
1078
1079
		$earliest_posts = get_posts(
1080
			array(
1081
				'posts_per_page' => 1,
1082
				'post_type'      => 'any',
1083
				'post_status'    => 'any',
1084
				'orderby'        => 'date',
1085
				'order'          => 'ASC',
1086
			)
1087
		);
1088
1089
		// If there are no posts at all, we'll count only on user registration date.
1090
		if ( $earliest_posts ) {
1091
			$earliest_post_date = $earliest_posts[0]->post_date;
1092
		} else {
1093
			$earliest_post_date = PHP_INT_MAX;
1094
		}
1095
1096
		$assumed_date = min( $earliest_registration_date, $earliest_post_date );
1097
		set_transient( 'jetpack_assumed_site_creation_date', $assumed_date );
1098
1099
		return $assumed_date;
1100
	}
1101
1102
	/**
1103
	 * Adds the activation source string as a parameter to passed arguments.
1104
	 *
1105
	 * @todo Refactor to use rawurlencode() instead of urlencode().
1106
	 *
1107
	 * @param Array $args arguments that need to have the source added.
1108
	 * @return Array $amended arguments.
1109
	 */
1110 View Code Duplication
	public static function apply_activation_source_to_args( $args ) {
1111
		list( $activation_source_name, $activation_source_keyword ) = get_option( 'jetpack_activation_source' );
1112
1113
		if ( $activation_source_name ) {
1114
			// phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.urlencode_urlencode
1115
			$args['_as'] = urlencode( $activation_source_name );
1116
		}
1117
1118
		if ( $activation_source_keyword ) {
1119
			// phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.urlencode_urlencode
1120
			$args['_ak'] = urlencode( $activation_source_keyword );
1121
		}
1122
1123
		return $args;
1124
	}
1125
1126
	/**
1127
	 * Returns the callable that would be used to generate secrets.
1128
	 *
1129
	 * @return Callable a function that returns a secure string to be used as a secret.
1130
	 */
1131
	protected function get_secret_callable() {
1132
		if ( ! isset( $this->secret_callable ) ) {
1133
			/**
1134
			 * Allows modification of the callable that is used to generate connection secrets.
1135
			 *
1136
			 * @param Callable a function or method that returns a secret string.
1137
			 */
1138
			$this->secret_callable = apply_filters( 'jetpack_connection_secret_generator', 'wp_generate_password' );
1139
		}
1140
1141
		return $this->secret_callable;
1142
	}
1143
1144
	/**
1145
	 * Generates two secret tokens and the end of life timestamp for them.
1146
	 *
1147
	 * @param String  $action  The action name.
1148
	 * @param Integer $user_id The user identifier.
0 ignored issues
show
Documentation introduced by
Should the type for parameter $user_id not be false|integer?

This check looks for @param annotations where the type inferred by our type inference engine differs from the declared type.

It makes a suggestion as to what type it considers more descriptive.

Most often this is a case of a parameter that can be null in addition to its declared types.

Loading history...
1149
	 * @param Integer $exp     Expiration time in seconds.
1150
	 */
1151
	public function generate_secrets( $action, $user_id = false, $exp = 600 ) {
1152
		if ( false === $user_id ) {
1153
			$user_id = get_current_user_id();
1154
		}
1155
1156
		$callable = $this->get_secret_callable();
1157
1158
		$secrets = \Jetpack_Options::get_raw_option(
1159
			self::SECRETS_OPTION_NAME,
1160
			array()
1161
		);
1162
1163
		$secret_name = 'jetpack_' . $action . '_' . $user_id;
1164
1165
		if (
1166
			isset( $secrets[ $secret_name ] ) &&
1167
			$secrets[ $secret_name ]['exp'] > time()
1168
		) {
1169
			return $secrets[ $secret_name ];
1170
		}
1171
1172
		$secret_value = array(
1173
			'secret_1' => call_user_func( $callable ),
1174
			'secret_2' => call_user_func( $callable ),
1175
			'exp'      => time() + $exp,
1176
		);
1177
1178
		$secrets[ $secret_name ] = $secret_value;
1179
1180
		\Jetpack_Options::update_raw_option( self::SECRETS_OPTION_NAME, $secrets );
1181
		return $secrets[ $secret_name ];
1182
	}
1183
1184
	/**
1185
	 * Returns two secret tokens and the end of life timestamp for them.
1186
	 *
1187
	 * @param String  $action  The action name.
1188
	 * @param Integer $user_id The user identifier.
1189
	 * @return string|array an array of secrets or an error string.
1190
	 */
1191
	public function get_secrets( $action, $user_id ) {
1192
		$secret_name = 'jetpack_' . $action . '_' . $user_id;
1193
		$secrets     = \Jetpack_Options::get_raw_option(
1194
			self::SECRETS_OPTION_NAME,
1195
			array()
1196
		);
1197
1198
		if ( ! isset( $secrets[ $secret_name ] ) ) {
1199
			return self::SECRETS_MISSING;
1200
		}
1201
1202
		if ( $secrets[ $secret_name ]['exp'] < time() ) {
1203
			$this->delete_secrets( $action, $user_id );
1204
			return self::SECRETS_EXPIRED;
1205
		}
1206
1207
		return $secrets[ $secret_name ];
1208
	}
1209
1210
	/**
1211
	 * Deletes secret tokens in case they, for example, have expired.
1212
	 *
1213
	 * @param String  $action  The action name.
1214
	 * @param Integer $user_id The user identifier.
1215
	 */
1216
	public function delete_secrets( $action, $user_id ) {
1217
		$secret_name = 'jetpack_' . $action . '_' . $user_id;
1218
		$secrets     = \Jetpack_Options::get_raw_option(
1219
			self::SECRETS_OPTION_NAME,
1220
			array()
1221
		);
1222
		if ( isset( $secrets[ $secret_name ] ) ) {
1223
			unset( $secrets[ $secret_name ] );
1224
			\Jetpack_Options::update_raw_option( self::SECRETS_OPTION_NAME, $secrets );
1225
		}
1226
	}
1227
1228
	/**
1229
	 * Responds to a WordPress.com call to register the current site.
1230
	 * Should be changed to protected.
1231
	 *
1232
	 * @param array $registration_data Array of [ secret_1, user_id ].
1233
	 */
1234
	public function handle_registration( array $registration_data ) {
1235
		list( $registration_secret_1, $registration_user_id ) = $registration_data;
1236
		if ( empty( $registration_user_id ) ) {
1237
			return new \WP_Error( 'registration_state_invalid', __( 'Invalid Registration State', 'jetpack' ), 400 );
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'registration_state_invalid'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
1238
		}
1239
1240
		return $this->verify_secrets( 'register', $registration_secret_1, (int) $registration_user_id );
1241
	}
1242
1243
	/**
1244
	 * Verify a Previously Generated Secret.
1245
	 *
1246
	 * @param string $action   The type of secret to verify.
1247
	 * @param string $secret_1 The secret string to compare to what is stored.
1248
	 * @param int    $user_id  The user ID of the owner of the secret.
1249
	 * @return \WP_Error|string WP_Error on failure, secret_2 on success.
1250
	 */
1251
	public function verify_secrets( $action, $secret_1, $user_id ) {
1252
		$allowed_actions = array( 'register', 'authorize', 'publicize' );
1253
		if ( ! in_array( $action, $allowed_actions, true ) ) {
1254
			return new \WP_Error( 'unknown_verification_action', 'Unknown Verification Action', 400 );
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'unknown_verification_action'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
1255
		}
1256
1257
		$user = get_user_by( 'id', $user_id );
1258
1259
		/**
1260
		 * We've begun verifying the previously generated secret.
1261
		 *
1262
		 * @since 7.5.0
1263
		 *
1264
		 * @param string   $action The type of secret to verify.
1265
		 * @param \WP_User $user The user object.
1266
		 */
1267
		do_action( 'jetpack_verify_secrets_begin', $action, $user );
1268
1269
		$return_error = function( \WP_Error $error ) use ( $action, $user ) {
1270
			/**
1271
			 * Verifying of the previously generated secret has failed.
1272
			 *
1273
			 * @since 7.5.0
1274
			 *
1275
			 * @param string    $action  The type of secret to verify.
1276
			 * @param \WP_User  $user The user object.
1277
			 * @param \WP_Error $error The error object.
1278
			 */
1279
			do_action( 'jetpack_verify_secrets_fail', $action, $user, $error );
1280
1281
			return $error;
1282
		};
1283
1284
		$stored_secrets = $this->get_secrets( $action, $user_id );
1285
		$this->delete_secrets( $action, $user_id );
1286
1287
		$error = null;
1288
		if ( empty( $secret_1 ) ) {
1289
			$error = $return_error(
1290
				new \WP_Error(
1291
					'verify_secret_1_missing',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'verify_secret_1_missing'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
1292
					/* translators: "%s" is the name of a paramter. It can be either "secret_1" or "state". */
1293
					sprintf( __( 'The required "%s" parameter is missing.', 'jetpack' ), 'secret_1' ),
1294
					400
1295
				)
1296
			);
1297
		} elseif ( ! is_string( $secret_1 ) ) {
1298
			$error = $return_error(
1299
				new \WP_Error(
1300
					'verify_secret_1_malformed',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'verify_secret_1_malformed'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
1301
					/* translators: "%s" is the name of a paramter. It can be either "secret_1" or "state". */
1302
					sprintf( __( 'The required "%s" parameter is malformed.', 'jetpack' ), 'secret_1' ),
1303
					400
1304
				)
1305
			);
1306
		} elseif ( empty( $user_id ) ) {
1307
			// $user_id is passed around during registration as "state".
1308
			$error = $return_error(
1309
				new \WP_Error(
1310
					'state_missing',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'state_missing'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
1311
					/* translators: "%s" is the name of a paramter. It can be either "secret_1" or "state". */
1312
					sprintf( __( 'The required "%s" parameter is missing.', 'jetpack' ), 'state' ),
1313
					400
1314
				)
1315
			);
1316
		} elseif ( ! ctype_digit( (string) $user_id ) ) {
1317
			$error = $return_error(
1318
				new \WP_Error(
1319
					'state_malformed',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'state_malformed'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
1320
					/* translators: "%s" is the name of a paramter. It can be either "secret_1" or "state". */
1321
					sprintf( __( 'The required "%s" parameter is malformed.', 'jetpack' ), 'state' ),
1322
					400
1323
				)
1324
			);
1325
		} elseif ( self::SECRETS_MISSING === $stored_secrets ) {
1326
			$error = $return_error(
1327
				new \WP_Error(
1328
					'verify_secrets_missing',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'verify_secrets_missing'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
1329
					__( 'Verification secrets not found', 'jetpack' ),
1330
					400
1331
				)
1332
			);
1333
		} elseif ( self::SECRETS_EXPIRED === $stored_secrets ) {
1334
			$error = $return_error(
1335
				new \WP_Error(
1336
					'verify_secrets_expired',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'verify_secrets_expired'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
1337
					__( 'Verification took too long', 'jetpack' ),
1338
					400
1339
				)
1340
			);
1341
		} elseif ( ! $stored_secrets ) {
1342
			$error = $return_error(
1343
				new \WP_Error(
1344
					'verify_secrets_empty',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'verify_secrets_empty'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
1345
					__( 'Verification secrets are empty', 'jetpack' ),
1346
					400
1347
				)
1348
			);
1349
		} elseif ( is_wp_error( $stored_secrets ) ) {
1350
			$stored_secrets->add_data( 400 );
0 ignored issues
show
Bug introduced by
The method add_data cannot be called on $stored_secrets (of type string|array).

Methods can only be called on objects. This check looks for methods being called on variables that have been inferred to never be objects.

Loading history...
1351
			$error = $return_error( $stored_secrets );
1352
		} elseif ( empty( $stored_secrets['secret_1'] ) || empty( $stored_secrets['secret_2'] ) || empty( $stored_secrets['exp'] ) ) {
1353
			$error = $return_error(
1354
				new \WP_Error(
1355
					'verify_secrets_incomplete',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'verify_secrets_incomplete'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
1356
					__( 'Verification secrets are incomplete', 'jetpack' ),
1357
					400
1358
				)
1359
			);
1360
		} elseif ( ! hash_equals( $secret_1, $stored_secrets['secret_1'] ) ) {
1361
			$error = $return_error(
1362
				new \WP_Error(
1363
					'verify_secrets_mismatch',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'verify_secrets_mismatch'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
1364
					__( 'Secret mismatch', 'jetpack' ),
1365
					400
1366
				)
1367
			);
1368
		}
1369
1370
		// Something went wrong during the checks, returning the error.
1371
		if ( ! empty( $error ) ) {
1372
			return $error;
1373
		}
1374
1375
		/**
1376
		 * We've succeeded at verifying the previously generated secret.
1377
		 *
1378
		 * @since 7.5.0
1379
		 *
1380
		 * @param string   $action The type of secret to verify.
1381
		 * @param \WP_User $user The user object.
1382
		 */
1383
		do_action( 'jetpack_verify_secrets_success', $action, $user );
1384
1385
		return $stored_secrets['secret_2'];
1386
	}
1387
1388
	/**
1389
	 * Responds to a WordPress.com call to authorize the current user.
1390
	 * Should be changed to protected.
1391
	 */
1392
	public function handle_authorization() {
1393
1394
	}
1395
1396
	/**
1397
	 * Builds a URL to the Jetpack connection auth page.
1398
	 *
1399
	 * @param WP_User $user (optional) defaults to the current logged in user.
0 ignored issues
show
Documentation introduced by
Should the type for parameter $user not be WP_User|null?

This check looks for @param annotations where the type inferred by our type inference engine differs from the declared type.

It makes a suggestion as to what type it considers more descriptive.

Most often this is a case of a parameter that can be null in addition to its declared types.

Loading history...
1400
	 * @param String  $redirect (optional) a redirect URL to use instead of the default.
0 ignored issues
show
Documentation introduced by
Should the type for parameter $redirect not be string|null?

This check looks for @param annotations where the type inferred by our type inference engine differs from the declared type.

It makes a suggestion as to what type it considers more descriptive.

Most often this is a case of a parameter that can be null in addition to its declared types.

Loading history...
1401
	 * @return string Connect URL.
1402
	 */
1403
	public function get_authorization_url( $user = null, $redirect = null ) {
1404
1405
		if ( empty( $user ) ) {
1406
			$user = wp_get_current_user();
1407
		}
1408
1409
		$roles       = new Roles();
1410
		$role        = $roles->translate_user_to_role( $user );
1411
		$signed_role = $this->sign_role( $role );
1412
1413
		/**
1414
		 * Filter the URL of the first time the user gets redirected back to your site for connection
1415
		 * data processing.
1416
		 *
1417
		 * @since 8.0.0
1418
		 *
1419
		 * @param string $redirect_url Defaults to the site admin URL.
1420
		 */
1421
		$processing_url = apply_filters( 'jetpack_connect_processing_url', admin_url( 'admin.php' ) );
1422
1423
		/**
1424
		 * Filter the URL to redirect the user back to when the authentication process
1425
		 * is complete.
1426
		 *
1427
		 * @since 8.0.0
1428
		 *
1429
		 * @param string $redirect_url Defaults to the site URL.
1430
		 */
1431
		$redirect = apply_filters( 'jetpack_connect_redirect_url', $redirect );
1432
1433
		$secrets = $this->generate_secrets( 'authorize', false, 2 * HOUR_IN_SECONDS );
1434
1435
		/**
1436
		 * Filter the type of authorization.
1437
		 * 'calypso' completes authorization on wordpress.com/jetpack/connect
1438
		 * while 'jetpack' ( or any other value ) completes the authorization at jetpack.wordpress.com.
1439
		 *
1440
		 * @since 4.3.3
1441
		 *
1442
		 * @param string $auth_type Defaults to 'calypso', can also be 'jetpack'.
1443
		 */
1444
		$auth_type = apply_filters( 'jetpack_auth_type', 'calypso' );
1445
1446
		/**
1447
		 * Filters the user connection request data for additional property addition.
1448
		 *
1449
		 * @since 8.0.0
1450
		 *
1451
		 * @param Array $request_data request data.
1452
		 */
1453
		$body = apply_filters(
1454
			'jetpack_connect_request_body',
1455
			array(
1456
				'response_type' => 'code',
1457
				'client_id'     => \Jetpack_Options::get_option( 'id' ),
1458
				'redirect_uri'  => add_query_arg(
1459
					array(
1460
						'action'   => 'authorize',
1461
						'_wpnonce' => wp_create_nonce( "jetpack-authorize_{$role}_{$redirect}" ),
1462
						'redirect' => rawurlencode( $redirect ),
1463
					),
1464
					esc_url( $processing_url )
1465
				),
1466
				'state'         => $user->ID,
1467
				'scope'         => $signed_role,
1468
				'user_email'    => $user->user_email,
1469
				'user_login'    => $user->user_login,
1470
				'is_active'     => $this->is_active(),
1471
				'jp_version'    => Constants::get_constant( 'JETPACK__VERSION' ),
1472
				'auth_type'     => $auth_type,
1473
				'secret'        => $secrets['secret_1'],
1474
				'blogname'      => get_option( 'blogname' ),
1475
				'site_url'      => site_url(),
1476
				'home_url'      => home_url(),
1477
				'site_icon'     => get_site_icon_url(),
1478
				'site_lang'     => get_locale(),
1479
				'site_created'  => $this->get_assumed_site_creation_date(),
1480
			)
1481
		);
1482
1483
		$body = $this->apply_activation_source_to_args( urlencode_deep( $body ) );
1484
1485
		$api_url = $this->api_url( 'authorize' );
1486
1487
		return add_query_arg( $body, $api_url );
1488
	}
1489
1490
	/**
1491
	 * Disconnects from the Jetpack servers.
1492
	 * Forgets all connection details and tells the Jetpack servers to do the same.
1493
	 */
1494
	public function disconnect_site() {
1495
1496
	}
1497
1498
	/**
1499
	 * The Base64 Encoding of the SHA1 Hash of the Input.
1500
	 *
1501
	 * @param string $text The string to hash.
1502
	 * @return string
1503
	 */
1504
	public function sha1_base64( $text ) {
1505
		return base64_encode( sha1( $text, true ) ); // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_encode
1506
	}
1507
1508
	/**
1509
	 * This function mirrors Jetpack_Data::is_usable_domain() in the WPCOM codebase.
1510
	 *
1511
	 * @param string $domain The domain to check.
1512
	 *
1513
	 * @return bool|WP_Error
1514
	 */
1515
	public function is_usable_domain( $domain ) {
1516
1517
		// If it's empty, just fail out.
1518
		if ( ! $domain ) {
1519
			return new \WP_Error(
1520
				'fail_domain_empty',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'fail_domain_empty'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
1521
				/* translators: %1$s is a domain name. */
1522
				sprintf( __( 'Domain `%1$s` just failed is_usable_domain check as it is empty.', 'jetpack' ), $domain )
1523
			);
1524
		}
1525
1526
		/**
1527
		 * Skips the usuable domain check when connecting a site.
1528
		 *
1529
		 * Allows site administrators with domains that fail gethostname-based checks to pass the request to WP.com
1530
		 *
1531
		 * @since 4.1.0
1532
		 *
1533
		 * @param bool If the check should be skipped. Default false.
1534
		 */
1535
		if ( apply_filters( 'jetpack_skip_usuable_domain_check', false ) ) {
1536
			return true;
1537
		}
1538
1539
		// None of the explicit localhosts.
1540
		$forbidden_domains = array(
1541
			'wordpress.com',
1542
			'localhost',
1543
			'localhost.localdomain',
1544
			'127.0.0.1',
1545
			'local.wordpress.test',         // VVV pattern.
1546
			'local.wordpress-trunk.test',   // VVV pattern.
1547
			'src.wordpress-develop.test',   // VVV pattern.
1548
			'build.wordpress-develop.test', // VVV pattern.
1549
		);
1550 View Code Duplication
		if ( in_array( $domain, $forbidden_domains, true ) ) {
1551
			return new \WP_Error(
1552
				'fail_domain_forbidden',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'fail_domain_forbidden'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
1553
				sprintf(
1554
					/* translators: %1$s is a domain name. */
1555
					__(
1556
						'Domain `%1$s` just failed is_usable_domain check as it is in the forbidden array.',
1557
						'jetpack'
1558
					),
1559
					$domain
1560
				)
1561
			);
1562
		}
1563
1564
		// No .test or .local domains.
1565 View Code Duplication
		if ( preg_match( '#\.(test|local)$#i', $domain ) ) {
1566
			return new \WP_Error(
1567
				'fail_domain_tld',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'fail_domain_tld'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
1568
				sprintf(
1569
					/* translators: %1$s is a domain name. */
1570
					__(
1571
						'Domain `%1$s` just failed is_usable_domain check as it uses an invalid top level domain.',
1572
						'jetpack'
1573
					),
1574
					$domain
1575
				)
1576
			);
1577
		}
1578
1579
		// No WPCOM subdomains.
1580 View Code Duplication
		if ( preg_match( '#\.WordPress\.com$#i', $domain ) ) {
1581
			return new \WP_Error(
1582
				'fail_subdomain_wpcom',
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'fail_subdomain_wpcom'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
1583
				sprintf(
1584
					/* translators: %1$s is a domain name. */
1585
					__(
1586
						'Domain `%1$s` just failed is_usable_domain check as it is a subdomain of WordPress.com.',
1587
						'jetpack'
1588
					),
1589
					$domain
1590
				)
1591
			);
1592
		}
1593
1594
		// If PHP was compiled without support for the Filter module (very edge case).
1595
		if ( ! function_exists( 'filter_var' ) ) {
1596
			// Just pass back true for now, and let wpcom sort it out.
1597
			return true;
1598
		}
1599
1600
		return true;
1601
	}
1602
1603
	/**
1604
	 * Gets the requested token.
1605
	 *
1606
	 * Tokens are one of two types:
1607
	 * 1. Blog Tokens: These are the "main" tokens. Each site typically has one Blog Token,
1608
	 *    though some sites can have multiple "Special" Blog Tokens (see below). These tokens
1609
	 *    are not associated with a user account. They represent the site's connection with
1610
	 *    the Jetpack servers.
1611
	 * 2. User Tokens: These are "sub-"tokens. Each connected user account has one User Token.
1612
	 *
1613
	 * All tokens look like "{$token_key}.{$private}". $token_key is a public ID for the
1614
	 * token, and $private is a secret that should never be displayed anywhere or sent
1615
	 * over the network; it's used only for signing things.
1616
	 *
1617
	 * Blog Tokens can be "Normal" or "Special".
1618
	 * * Normal: The result of a normal connection flow. They look like
1619
	 *   "{$random_string_1}.{$random_string_2}"
1620
	 *   That is, $token_key and $private are both random strings.
1621
	 *   Sites only have one Normal Blog Token. Normal Tokens are found in either
1622
	 *   Jetpack_Options::get_option( 'blog_token' ) (usual) or the JETPACK_BLOG_TOKEN
1623
	 *   constant (rare).
1624
	 * * Special: A connection token for sites that have gone through an alternative
1625
	 *   connection flow. They look like:
1626
	 *   ";{$special_id}{$special_version};{$wpcom_blog_id};.{$random_string}"
1627
	 *   That is, $private is a random string and $token_key has a special structure with
1628
	 *   lots of semicolons.
1629
	 *   Most sites have zero Special Blog Tokens. Special tokens are only found in the
1630
	 *   JETPACK_BLOG_TOKEN constant.
1631
	 *
1632
	 * In particular, note that Normal Blog Tokens never start with ";" and that
1633
	 * Special Blog Tokens always do.
1634
	 *
1635
	 * When searching for a matching Blog Tokens, Blog Tokens are examined in the following
1636
	 * order:
1637
	 * 1. Defined Special Blog Tokens (via the JETPACK_BLOG_TOKEN constant)
1638
	 * 2. Stored Normal Tokens (via Jetpack_Options::get_option( 'blog_token' ))
1639
	 * 3. Defined Normal Tokens (via the JETPACK_BLOG_TOKEN constant)
1640
	 *
1641
	 * @param int|false    $user_id   false: Return the Blog Token. int: Return that user's User Token.
1642
	 * @param string|false $token_key If provided, check that the token matches the provided input.
1643
	 * @param bool|true    $suppress_errors If true, return a falsy value when the token isn't found; When false, return a descriptive WP_Error when the token isn't found.
1644
	 *
1645
	 * @return object|false
1646
	 */
1647
	public function get_access_token( $user_id = false, $token_key = false, $suppress_errors = true ) {
1648
		$possible_special_tokens = array();
1649
		$possible_normal_tokens  = array();
1650
		$user_tokens             = \Jetpack_Options::get_option( 'user_tokens' );
1651
1652
		if ( $user_id ) {
0 ignored issues
show
Bug Best Practice introduced by
The expression $user_id of type false|integer is loosely compared to true; this is ambiguous if the integer can be zero. You might want to explicitly use !== null instead.

In PHP, under loose comparison (like ==, or !=, or switch conditions), values of different types might be equal.

For integer values, zero is a special case, in particular the following results might be unexpected:

0   == false // true
0   == null  // true
123 == false // false
123 == null  // false

// It is often better to use strict comparison
0 === false // false
0 === null  // false
Loading history...
1653
			if ( ! $user_tokens ) {
1654
				return $suppress_errors ? false : new \WP_Error( 'no_user_tokens' );
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'no_user_tokens'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
1655
			}
1656
			if ( self::JETPACK_MASTER_USER === $user_id ) {
1657
				$user_id = \Jetpack_Options::get_option( 'master_user' );
1658
				if ( ! $user_id ) {
1659
					return $suppress_errors ? false : new \WP_Error( 'empty_master_user_option' );
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'empty_master_user_option'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
1660
				}
1661
			}
1662
			if ( ! isset( $user_tokens[ $user_id ] ) || ! $user_tokens[ $user_id ] ) {
1663
				return $suppress_errors ? false : new \WP_Error( 'no_token_for_user', sprintf( 'No token for user %d', $user_id ) );
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'no_token_for_user'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
1664
			}
1665
			$user_token_chunks = explode( '.', $user_tokens[ $user_id ] );
1666 View Code Duplication
			if ( empty( $user_token_chunks[1] ) || empty( $user_token_chunks[2] ) ) {
1667
				return $suppress_errors ? false : new \WP_Error( 'token_malformed', sprintf( 'Token for user %d is malformed', $user_id ) );
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'token_malformed'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
1668
			}
1669 View Code Duplication
			if ( $user_token_chunks[2] !== (string) $user_id ) {
1670
				return $suppress_errors ? false : new \WP_Error( 'user_id_mismatch', sprintf( 'Requesting user_id %d does not match token user_id %d', $user_id, $user_token_chunks[2] ) );
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'user_id_mismatch'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
1671
			}
1672
			$possible_normal_tokens[] = "{$user_token_chunks[0]}.{$user_token_chunks[1]}";
1673
		} else {
1674
			$stored_blog_token = \Jetpack_Options::get_option( 'blog_token' );
1675
			if ( $stored_blog_token ) {
1676
				$possible_normal_tokens[] = $stored_blog_token;
1677
			}
1678
1679
			$defined_tokens_string = Constants::get_constant( 'JETPACK_BLOG_TOKEN' );
1680
1681
			if ( $defined_tokens_string ) {
1682
				$defined_tokens = explode( ',', $defined_tokens_string );
1683
				foreach ( $defined_tokens as $defined_token ) {
1684
					if ( ';' === $defined_token[0] ) {
1685
						$possible_special_tokens[] = $defined_token;
1686
					} else {
1687
						$possible_normal_tokens[] = $defined_token;
1688
					}
1689
				}
1690
			}
1691
		}
1692
1693
		if ( self::MAGIC_NORMAL_TOKEN_KEY === $token_key ) {
1694
			$possible_tokens = $possible_normal_tokens;
1695
		} else {
1696
			$possible_tokens = array_merge( $possible_special_tokens, $possible_normal_tokens );
1697
		}
1698
1699
		if ( ! $possible_tokens ) {
0 ignored issues
show
Bug Best Practice introduced by
The expression $possible_tokens of type array is implicitly converted to a boolean; are you sure this is intended? If so, consider using empty($expr) instead to make it clear that you intend to check for an array without elements.

This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent.

Consider making the comparison explicit by using empty(..) or ! empty(...) instead.

Loading history...
1700
			return $suppress_errors ? false : new \WP_Error( 'no_possible_tokens' );
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'no_possible_tokens'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
1701
		}
1702
1703
		$valid_token = false;
1704
1705
		if ( false === $token_key ) {
1706
			// Use first token.
1707
			$valid_token = $possible_tokens[0];
1708
		} elseif ( self::MAGIC_NORMAL_TOKEN_KEY === $token_key ) {
1709
			// Use first normal token.
1710
			$valid_token = $possible_tokens[0]; // $possible_tokens only contains normal tokens because of earlier check.
1711
		} else {
1712
			// Use the token matching $token_key or false if none.
1713
			// Ensure we check the full key.
1714
			$token_check = rtrim( $token_key, '.' ) . '.';
1715
1716
			foreach ( $possible_tokens as $possible_token ) {
1717
				if ( hash_equals( substr( $possible_token, 0, strlen( $token_check ) ), $token_check ) ) {
1718
					$valid_token = $possible_token;
1719
					break;
1720
				}
1721
			}
1722
		}
1723
1724
		if ( ! $valid_token ) {
1725
			return $suppress_errors ? false : new \WP_Error( 'no_valid_token' );
0 ignored issues
show
Unused Code introduced by
The call to WP_Error::__construct() has too many arguments starting with 'no_valid_token'.

This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.

If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.

In this case you can add the @ignore PhpDoc annotation to the duplicate definition and it will be ignored.

Loading history...
1726
		}
1727
1728
		return (object) array(
1729
			'secret'           => $valid_token,
1730
			'external_user_id' => (int) $user_id,
1731
		);
1732
	}
1733
1734
	/**
1735
	 * In some setups, $HTTP_RAW_POST_DATA can be emptied during some IXR_Server paths
1736
	 * since it is passed by reference to various methods.
1737
	 * Capture it here so we can verify the signature later.
1738
	 *
1739
	 * @param Array $methods an array of available XMLRPC methods.
1740
	 * @return Array the same array, since this method doesn't add or remove anything.
1741
	 */
1742
	public function xmlrpc_methods( $methods ) {
1743
		$this->raw_post_data = $GLOBALS['HTTP_RAW_POST_DATA'];
1744
		return $methods;
1745
	}
1746
1747
	/**
1748
	 * Resets the raw post data parameter for testing purposes.
1749
	 */
1750
	public function reset_raw_post_data() {
1751
		$this->raw_post_data = null;
1752
	}
1753
1754
	/**
1755
	 * Registering an additional method.
1756
	 *
1757
	 * @param Array $methods an array of available XMLRPC methods.
1758
	 * @return Array the amended array in case the method is added.
1759
	 */
1760
	public function public_xmlrpc_methods( $methods ) {
1761
		if ( array_key_exists( 'wp.getOptions', $methods ) ) {
1762
			$methods['wp.getOptions'] = array( $this, 'jetpack_get_options' );
1763
		}
1764
		return $methods;
1765
	}
1766
1767
	/**
1768
	 * Handles a getOptions XMLRPC method call.
1769
	 *
1770
	 * @param Array $args method call arguments.
1771
	 * @return an amended XMLRPC server options array.
1772
	 */
1773
	public function jetpack_get_options( $args ) {
1774
		global $wp_xmlrpc_server;
1775
1776
		$wp_xmlrpc_server->escape( $args );
1777
1778
		$username = $args[1];
1779
		$password = $args[2];
1780
1781
		$user = $wp_xmlrpc_server->login( $username, $password );
1782
		if ( ! $user ) {
1783
			return $wp_xmlrpc_server->error;
1784
		}
1785
1786
		$options   = array();
1787
		$user_data = $this->get_connected_user_data();
1788
		if ( is_array( $user_data ) ) {
1789
			$options['jetpack_user_id']         = array(
1790
				'desc'     => __( 'The WP.com user ID of the connected user', 'jetpack' ),
1791
				'readonly' => true,
1792
				'value'    => $user_data['ID'],
1793
			);
1794
			$options['jetpack_user_login']      = array(
1795
				'desc'     => __( 'The WP.com username of the connected user', 'jetpack' ),
1796
				'readonly' => true,
1797
				'value'    => $user_data['login'],
1798
			);
1799
			$options['jetpack_user_email']      = array(
1800
				'desc'     => __( 'The WP.com user email of the connected user', 'jetpack' ),
1801
				'readonly' => true,
1802
				'value'    => $user_data['email'],
1803
			);
1804
			$options['jetpack_user_site_count'] = array(
1805
				'desc'     => __( 'The number of sites of the connected WP.com user', 'jetpack' ),
1806
				'readonly' => true,
1807
				'value'    => $user_data['site_count'],
1808
			);
1809
		}
1810
		$wp_xmlrpc_server->blog_options = array_merge( $wp_xmlrpc_server->blog_options, $options );
1811
		$args                           = stripslashes_deep( $args );
1812
		return $wp_xmlrpc_server->wp_getOptions( $args );
1813
	}
1814
1815
	/**
1816
	 * Adds Jetpack-specific options to the output of the XMLRPC options method.
1817
	 *
1818
	 * @param Array $options standard Core options.
1819
	 * @return Array amended options.
1820
	 */
1821
	public function xmlrpc_options( $options ) {
1822
		$jetpack_client_id = false;
1823
		if ( $this->is_active() ) {
1824
			$jetpack_client_id = \Jetpack_Options::get_option( 'id' );
1825
		}
1826
		$options['jetpack_version'] = array(
1827
			'desc'     => __( 'Jetpack Plugin Version', 'jetpack' ),
1828
			'readonly' => true,
1829
			'value'    => Constants::get_constant( 'JETPACK__VERSION' ),
1830
		);
1831
1832
		$options['jetpack_client_id'] = array(
1833
			'desc'     => __( 'The Client ID/WP.com Blog ID of this site', 'jetpack' ),
1834
			'readonly' => true,
1835
			'value'    => $jetpack_client_id,
1836
		);
1837
		return $options;
1838
	}
1839
1840
	/**
1841
	 * Resets the saved authentication state in between testing requests.
1842
	 */
1843
	public function reset_saved_auth_state() {
1844
		$this->xmlrpc_verification = null;
1845
	}
1846
1847
	/**
1848
	 * Sign a user role with the master access token.
1849
	 * If not specified, will default to the current user.
1850
	 *
1851
	 * @access public
1852
	 *
1853
	 * @param string $role    User role.
1854
	 * @param int    $user_id ID of the user.
0 ignored issues
show
Documentation introduced by
Should the type for parameter $user_id not be integer|null?

This check looks for @param annotations where the type inferred by our type inference engine differs from the declared type.

It makes a suggestion as to what type it considers more descriptive.

Most often this is a case of a parameter that can be null in addition to its declared types.

Loading history...
1855
	 * @return string Signed user role.
1856
	 */
1857
	public function sign_role( $role, $user_id = null ) {
1858
		if ( empty( $user_id ) ) {
1859
			$user_id = (int) get_current_user_id();
1860
		}
1861
1862
		if ( ! $user_id ) {
1863
			return false;
1864
		}
1865
1866
		$token = $this->get_access_token();
1867
		if ( ! $token || is_wp_error( $token ) ) {
1868
			return false;
1869
		}
1870
1871
		return $role . ':' . hash_hmac( 'md5', "{$role}|{$user_id}", $token->secret );
1872
	}
1873
}
1874