Broken_Token - Code Metrics - Inspection of "Set default testing instruction case per PR feedba..." - Automattic/jetpack - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — add/testing-info ( be1095...03b7e9 )

unknown

created 2021-05-31 21:04 UTC

Broken_Token B

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	545
Duplicated Lines	4.95 %

Coupling/Cohesion

Components	1
Dependencies	1

Importance

Changes

Metric	Value
dl	27
loc	545
rs	8.96
c	0
b	0
f	0
wmc	43
lcom	1
cbo	1

25 Methods

Rating	Name	Duplication	Size	Complexity
A	__construct()	0	35	3
A	enqueue_scripts()	0	5	2
A	broken_token_register_submenu_page()	0	11	1
B	render_ui()	0	135	5
A	admin_post_store_current_options()	0	7	1
A	admin_post_clear_stored_options()	0	6	1
A	admin_post_restore_from_stored_options()	0	16	4
A	admin_post_set_invalid_blog_token()	0	7	1
A	admin_post_set_invalid_user_tokens()	14	14	2
A	admin_post_set_invalid_current_user_token()	13	13	1
A	admin_post_clear_blog_token()	0	6	1
A	admin_post_clear_user_tokens()	0	6	1
A	admin_post_clear_current_user_token()	0	15	2
A	admin_post_randomize_master_user()	0	7	1
A	admin_post_randomize_master_user_and_token()	0	14	2
A	admin_post_clear_master_user()	0	6	1
A	admin_post_randomize_blog_id()	0	6	1
A	admin_post_clear_blog_id()	0	6	1
A	store_current_options()	0	12	1
A	get_stored_connection_options()	0	3	1
A	clear_stored_options()	0	3	1
A	admin_post_redirect_referrer()	0	15	2
A	render_admin_notice()	0	21	5
A	admin_post_clear_tos()	0	7	1
A	clear_tos()	0	3	1

How to fix Duplicated Code Complexity

Duplicated Code

Duplicate code is one of the most pungent code smells. A rule that is often used is to re-structure code once it is duplicated in three or more places.

Common duplication problems, and corresponding solutions are:

If you have the same expression in different places: Extract expression to a method
If you have the same method in different sub-classes: Extract method, and pull up field to the parent class
If you have the same code in unrelated classes: Consider extracting the code to a new class, and injecting that class

Complex Class

Tip: Before tackling complexity, make sure that you eliminate any duplication first. This often can reduce the size of classes significantly.

Complex classes like Broken_Token often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes. You can also have a look at the cohesion graph to spot any un-connected, or weakly-connected components.

Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.

While breaking up the class, it is a good idea to analyze how other classes use Broken_Token, and based on these observations, apply Extract Interface, too.

<?php // phpcs:disable WordPress.PHP.DevelopmentFunctions.error_log_print_r
/**
 * Plugin Name: Broken Token
 * Description: Give me a Jetpack connection, and I'll break it every way possible.
 * Author: Bestpack
 * Version: 1.0
 * Text Domain: jetpack
 *
 * @package automattic/jetpack-debug-helper
 */

/**
 * Require the XMLRPC functionality.
 */
require 'inc/class-broken-token-xmlrpc.php';

/**
 * Class Broken_Token
 */
class Broken_Token {
	/**
	 * Notice type.
	 *
	 * @var mixed|string
	 */
	public $notice_type = '';

	/**
	 * Blog token.
	 *
	 * @var bool|mixed
	 */
	public $blog_token;

	/**
	 * User token.
	 *
	 * @var bool|mixed
	 */
	public $user_tokens;

	/**
	 * Jetpack Primary User.
	 *
	 * @var bool|mixed
	 */
	public $master_user;

	/**
	 * Site ID.
	 *
	 * @var bool|mixed
	 */
	public $id;

	/**
	 * Whether the user has agreed to the TOS.
	 *
	 * @var bool
	 */
	public $tos_agreed;

	/**
	 * Options.
	 */
	const STORED_OPTIONS_KEY = 'broken_token_stored_options';

	/**
	 * Token name.
	 *
	 * @var string
	 */
	public $invalid_blog_token = 'broken.token';

	/**
	 * User token name.
	 *
	 * @var string
	 */
	public $invalid_user_token = 'broken.token.%d';

	/**
	 * Broken_Token constructor.
	 */
	public function __construct() {
		add_action( 'admin_menu', array( $this, 'broken_token_register_submenu_page' ), 1000 );

		add_action( 'admin_enqueue_scripts', array( $this, 'enqueue_scripts' ) );

		// Stored options.
		add_action( 'admin_post_clear_stored_options', array( $this, 'admin_post_clear_stored_options' ) );
		add_action( 'admin_post_store_current_options', array( $this, 'admin_post_store_current_options' ) );
		add_action( 'admin_post_restore_from_stored_options', array( $this, 'admin_post_restore_from_stored_options' ) );
		add_action( 'admin_post_clear_tos', array( $this, 'admin_post_clear_tos' ) );

		// Break stuff.
		add_action( 'admin_post_set_invalid_blog_token', array( $this, 'admin_post_set_invalid_blog_token' ) );
		add_action( 'admin_post_set_invalid_user_tokens', array( $this, 'admin_post_set_invalid_user_tokens' ) );
		add_action( 'admin_post_set_invalid_current_user_token', array( $this, 'admin_post_set_invalid_current_user_token' ) );
		add_action( 'admin_post_clear_blog_token', array( $this, 'admin_post_clear_blog_token' ) );
		add_action( 'admin_post_clear_current_user_token', array( $this, 'admin_post_clear_current_user_token' ) );
		add_action( 'admin_post_clear_user_tokens', array( $this, 'admin_post_clear_user_tokens' ) );
		add_action( 'admin_post_randomize_master_user', array( $this, 'admin_post_randomize_master_user' ) );
		add_action( 'admin_post_randomize_master_user_and_token', array( $this, 'admin_post_randomize_master_user_and_token' ) );
		add_action( 'admin_post_clear_master_user', array( $this, 'admin_post_clear_master_user' ) );
		add_action( 'admin_post_randomize_blog_id', array( $this, 'admin_post_randomize_blog_id' ) );
		add_action( 'admin_post_clear_blog_id', array( $this, 'admin_post_clear_blog_id' ) );

		$this->blog_token  = Jetpack_Options::get_option( 'blog_token' );
		$this->user_tokens = Jetpack_Options::get_option( 'user_tokens' );
		$this->master_user = Jetpack_Options::get_option( 'master_user' );
		$this->id          = Jetpack_Options::get_option( 'id' );
		$this->tos_agreed  = Jetpack_Options::get_option( 'tos_agreed' );

		if ( isset( $_GET['notice'] ) && check_admin_referer( 'jetpack_debug_broken_token_admin_notice', 'nonce' ) ) {
			$this->notice_type = $_GET['notice'];
			add_action( 'admin_notices', array( $this, 'render_admin_notice' ) );
		}
	}

	/**
	 * Enqueue scripts.
	 *
	 * @param string $hook Called hook.
	 */
	public function enqueue_scripts( $hook ) {
		if ( strpos( $hook, 'jetpack_page_broken-token' ) === 0 ) {
			wp_enqueue_style( 'broken_token_style', plugin_dir_url( __FILE__ ) . '/css/style.css', array(), JETPACK_DEBUG_HELPER_VERSION );
		}
	}

	/**
	 * Register's submenu.
	 */
	public function broken_token_register_submenu_page() {
		add_submenu_page(
			'jetpack-debug-tools',
			'Broken Token',
			'Broken Token',
			'manage_options',
			'broken-token',
			array( $this, 'render_ui' ),
			99
		);
	}

	/**
	 * Render UI.
	 */
	public function render_ui() {
		$stored_options = $this->get_stored_connection_options();
		?>
		<h1>Broken Token 😱!</h1>
		<p>This plugin will help you break the Jetpack connection in various ways.</p>
		<p>All instances of breaking only involve modifying the local DB options. Nothing done here will alter tokens stored in wp.com</p>
		<hr>

		<h2>Current token options being used by Jetpack:</h2>
		<p>Blog Token: <?php echo esc_html( $this->blog_token ); ?></p>
		<p>User Tokens: <?php print_r( $this->user_tokens ); ?></p>
		<p>Primary User: <?php echo esc_html( $this->master_user ); ?></p>
		<p>Blog ID: <?php echo esc_html( $this->id ); ?></p>

		<?php
		if ( $this->tos_agreed ) {
			?>
			<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
				<p>TOS Accepted: ✅ &nbsp;
				<input type="hidden" name="action" value="clear_tos">
				<?php wp_nonce_field( 'clear-tos' ); ?>
				<input type="submit" value="Clear" class="button button-secondary button-small">
				</p>
			</form>
			<?php
		} else {
			?>
			<p>TOS Accepted: ❌</p>
			<?php
		}
		?>

		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
			<input type="hidden" name="action" value="store_current_options">
			<?php wp_nonce_field( 'store-current-options' ); ?>
			<input type="submit" value="Store these options" class="button button-primary">
		</form>
		<br>
		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
			<input type="hidden" name="action" value="restore_from_stored_options">
			<?php wp_nonce_field( 'restore-stored-options' ); ?>
			<input type="submit" value="Restore from stored options" class="button button-primary <?php echo empty( $stored_options ) ? 'disabled' : ''; ?>">
		</form>

		<?php
		echo '<h2>Stored connection options.</h2>';
		echo '<p>Might be useful to store valid connection options before breaking it, so you can restore later.</p>';
		if ( empty( $stored_options ) ) {
			echo '<p>No connection options are currently stored!</p>';
		} else {
			echo '<pre>';
			print_r( $stored_options );
			echo '</pre>';
		}
		?>
		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
			<input type="hidden" name="action" value="clear_stored_options">
			<?php wp_nonce_field( 'clear-stored-options' ); ?>
			<input type="submit" value="Clear stored options" class="button button-primary <?php echo empty( $stored_options ) ? 'disabled' : ''; ?>">
		</form>

		<hr>

		<h2>Break some stuff:</h2>
		<p><strong>Break the blog token:</strong></p>
		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
			<input type="hidden" name="action" value="set_invalid_blog_token">
			<?php wp_nonce_field( 'set-invalid-blog-token' ); ?>
			<input type="submit" value="Set invalid blog token" class="button button-primary button-break-it">
		</form>
		<br>
		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
			<input type="hidden" name="action" value="clear_blog_token">
			<?php wp_nonce_field( 'clear-blog-token' ); ?>
			<input type="submit" value="Clear blog token" class="button button-primary button-break-it">
		</form>

		<p><strong>Break the user tokens:</strong></p>
		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
			<input type="hidden" name="action" value="clear_user_tokens">
			<?php wp_nonce_field( 'clear-user-tokens' ); ?>
			<input type="submit" value="Clear user tokens" class="button button-primary button-break-it">
		</form>
		<br>
		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
			<input type="hidden" name="action" value="set_invalid_user_tokens">
			<?php wp_nonce_field( 'set-invalid-user-tokens' ); ?>
			<input type="submit" value="Set invalid user tokens" class="button button-primary button-break-it">
		</form>
		<br>
		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
			<input type="hidden" name="action" value="clear_current_user_token">
			<?php wp_nonce_field( 'clear-current-user-token' ); ?>
			<input type="submit" value="Clear user token (current user)" class="button button-primary button-break-it">
		</form>
		<br>
		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
			<input type="hidden" name="action" value="set_invalid_current_user_token">
			<?php wp_nonce_field( 'set-invalid-current-user-token' ); ?>
			<input type="submit" value="Set invalid user token (current user)" class="button button-primary button-break-it">
		</form>

		<p><strong>Break the Primary User:</strong></p>
		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
			<input type="hidden" name="action" value="randomize_master_user">
			<?php wp_nonce_field( 'randomize-master-user' ); ?>
			<input type="submit" value="Randomize Primary User ID" class="button button-primary button-break-it">
		</form>
		<br>
		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
			<input type="hidden" name="action" value="randomize_master_user_and_token">
			<?php wp_nonce_field( 'randomize-master-user-and-token' ); ?>
			<input type="submit" value="Randomize Primary User ID and move the user token together" class="button button-primary button-break-it">
		</form>
		<br>
		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
			<input type="hidden" name="action" value="clear_master_user">
			<?php wp_nonce_field( 'clear-master-user' ); ?>
			<input type="submit" value="Clear the Primary User" class="button button-primary button-break-it">
		</form>

		<p><strong>Break the blog ID:</strong></p>
		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
			<input type="hidden" name="action" value="randomize_blog_id">
			<?php wp_nonce_field( 'randomize-blog-id' ); ?>
			<input type="submit" value="Randomize Blog ID" class="button button-primary button-break-it">
		</form>
		<br>
		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
			<input type="hidden" name="action" value="clear_blog_id">
			<?php wp_nonce_field( 'clear-blog-id' ); ?>
			<input type="submit" value="Clear the Blog ID" class="button button-primary button-break-it">
		</form>
		<?php
	}

	/**
	 * Store options.
	 */
	public function admin_post_store_current_options() {
		check_admin_referer( 'store-current-options' );
		$this->notice_type = 'store-options';
		$this->store_current_options();

		$this->admin_post_redirect_referrer();
	}

	/**
	 * Clear options.
	 */
	public function admin_post_clear_stored_options() {
		check_admin_referer( 'clear-stored-options' );
		$this->clear_stored_options();

		$this->admin_post_redirect_referrer();
	}

	/**
	 * Restore from options.
	 */
	public function admin_post_restore_from_stored_options() {
		check_admin_referer( 'restore-stored-options' );
		$this->notice_type = 'restore-options';
		foreach ( $this->get_stored_connection_options() as $key => $value ) {
			if ( empty( $value ) ) {
				if ( 'tos_agreed' === $key ) {
					Jetpack_Options::delete_option( 'tos_agreed' );
				}

				continue;
			}
			Jetpack_Options::update_option( $key, $value );
		}

		$this->admin_post_redirect_referrer();
	}

	/**
	 * Set invalid blog token.
	 */
	public function admin_post_set_invalid_blog_token() {
		check_admin_referer( 'set-invalid-blog-token' );
		$this->notice_type = 'jetpack-broken';
		Jetpack_Options::update_option( 'blog_token', $this->invalid_blog_token );

		$this->admin_post_redirect_referrer();
	}

	/**
	 * Set invalid user token.
	 */
	public function admin_post_set_invalid_user_tokens() {
		check_admin_referer( 'set-invalid-user-tokens' );
		$this->notice_type = 'jetpack-broken';

		$new_tokens = array();

		foreach ( Jetpack_Options::get_option( 'user_tokens' ) as $id => $token ) {
			$new_tokens[ $id ] = sprintf( $this->invalid_user_token, $id );
		}

		Jetpack_Options::update_option( 'user_tokens', $new_tokens );

		$this->admin_post_redirect_referrer();
	}

	/**
	 * Set invalid current user token.
	 */
	public function admin_post_set_invalid_current_user_token() {
		check_admin_referer( 'set-invalid-current-user-token' );
		$this->notice_type = 'jetpack-broken';

		$tokens = Jetpack_Options::get_option( 'user_tokens' );

		$id            = get_current_user_id();
		$tokens[ $id ] = sprintf( $this->invalid_user_token, $id );

		Jetpack_Options::update_option( 'user_tokens', $tokens );

		$this->admin_post_redirect_referrer();
	}

	/**
	 * Clear blog token.
	 */
	public function admin_post_clear_blog_token() {
		check_admin_referer( 'clear-blog-token' );
		$this->notice_type = 'jetpack-broken';
		Jetpack_Options::delete_option( 'blog_token' );
		$this->admin_post_redirect_referrer();
	}

	/**
	 * Clear user token.
	 */
	public function admin_post_clear_user_tokens() {
		check_admin_referer( 'clear-user-tokens' );
		$this->notice_type = 'jetpack-broken';
		Jetpack_Options::delete_option( 'user_tokens' );
		$this->admin_post_redirect_referrer();
	}

	/**
	 * Clear current user token.
	 */
	public function admin_post_clear_current_user_token() {
		check_admin_referer( 'clear-current-user-token' );
		$this->notice_type = 'jetpack-broken';

		$tokens = Jetpack_Options::get_option( 'user_tokens' );

		$id = get_current_user_id();
		if ( isset( $tokens[ $id ] ) ) {
			unset( $tokens[ $id ] );
		}

		Jetpack_Options::update_option( 'user_tokens', $tokens );

		$this->admin_post_redirect_referrer();
	}

	/**
	 * Randomize master user.
	 */
	public function admin_post_randomize_master_user() {
		check_admin_referer( 'randomize-master-user' );
		$this->notice_type = 'jetpack-broken';
		$current_id        = Jetpack_Options::get_option( 'master_user' );
		Jetpack_Options::update_option( 'master_user', wp_rand( $current_id + 1, $current_id + 100 ) );
		$this->admin_post_redirect_referrer();
	}

	/**
	 * Randomize master user and its token.
	 */
	public function admin_post_randomize_master_user_and_token() {
		check_admin_referer( 'randomize-master-user-and-token' );
		$this->notice_type = 'jetpack-broken';
		$current_id        = Jetpack_Options::get_option( 'master_user' );
		$random_id         = wp_rand( $current_id + 1, $current_id + 100 );
		Jetpack_Options::update_option( 'master_user', $random_id );
		$user_tokens = Jetpack_Options::get_option( 'user_tokens', array() );
		if ( isset( $user_tokens[ $current_id ] ) ) {
			$user_tokens[ $random_id ] = substr( $user_tokens[ $current_id ], 0, strrpos( $user_tokens[ $current_id ], '.' ) ) . ".$random_id";
			unset( $user_tokens[ $current_id ] );
		}
		Jetpack_Options::update_option( 'user_tokens', $user_tokens );
		$this->admin_post_redirect_referrer();
	}

	/**
	 * Clear master user.
	 */
	public function admin_post_clear_master_user() {
		check_admin_referer( 'clear-master-user' );
		$this->notice_type = 'jetpack-broken';
		Jetpack_Options::delete_option( 'master_user' );
		$this->admin_post_redirect_referrer();
	}

	/**
	 * Randomize blog ID.
	 */
	public function admin_post_randomize_blog_id() {
		check_admin_referer( 'randomize-blog-id' );
		$this->notice_type = 'jetpack-broken';
		Jetpack_Options::update_option( 'id', wp_rand( 100, 10000 ) );
		$this->admin_post_redirect_referrer();
	}

	/**
	 * Clear blog ID.
	 */
	public function admin_post_clear_blog_id() {
		check_admin_referer( 'clear-blog-id' );
		$this->notice_type = 'jetpack-broken';
		Jetpack_Options::delete_option( 'id' );
		$this->admin_post_redirect_referrer();
	}

	/**
	 * Stores a backup of the current Jetpack connection options.
	 */
	public function store_current_options() {
		update_option(
			self::STORED_OPTIONS_KEY,
			array(
				'blog_token'  => $this->blog_token,
				'user_tokens' => $this->user_tokens,
				'master_user' => $this->master_user,
				'id'          => $this->id,
				'tos_agreed'  => $this->tos_agreed,
			)
		);
	}

	/**
	 * Retrieves the stored connection options.
	 *
	 * @return array
	 */
	public function get_stored_connection_options() {
		return get_option( self::STORED_OPTIONS_KEY );
	}

	/**
	 * Clears all stored connection option values.
	 */
	public function clear_stored_options() {
		delete_option( self::STORED_OPTIONS_KEY );
	}

	/**
	 * Just redirects back to the referrer. Keeping it DRY.
	 */
	public function admin_post_redirect_referrer() {
		if ( wp_get_referer() ) {
			wp_safe_redirect(
				add_query_arg(
					array(
						'notice' => $this->notice_type,
						'nonce'  => wp_create_nonce( 'jetpack_debug_broken_token_admin_notice' ),
					),
					wp_get_referer()
				)
			);
		} else {
			wp_safe_redirect( get_home_url() );
		}
	}

	/**
	 * Displays an admin notice...
	 */
	public function render_admin_notice() {
		switch ( $this->notice_type ) {
			case 'jetpack-broken':
				$message = 'Nice! You broke Jetpack!';
				break;
			case 'store-options':
				$message = 'Success! Backup of the connection options stored safely.';
				break;
			case 'restore-options':
				$message = 'Success! You\'ve restored the connection options. I hope things are working well now.';
				break;
			case 'clear-tos':
				$message = 'You cleared the TOS option! Nicely done!';
				break;
			default:
				$message = 'Setting saved!';
				break;
		}

		printf( '<div class="notice notice-success"><p>%s</p></div>', esc_html( $message ) );
	}

	/**
	 * Clear TOS action.
	 */
	public function admin_post_clear_tos() {
		check_admin_referer( 'clear-tos' );
		$this->notice_type = 'clear-tos';
		$this->clear_tos();

		$this->admin_post_redirect_referrer();
	}

	/**
	 * Clear the TOS option.
	 */
	public function clear_tos() {
		Jetpack_Options::delete_option( 'tos_agreed' );
	}
}

add_action( 'plugins_loaded', 'register_broken_token', 1000 );

/**
 * Load the brokenness.
 */
function register_broken_token() {
	if ( class_exists( 'Jetpack_Options' ) ) {
		new Broken_Token();
		if ( class_exists( 'Automattic\Jetpack\Connection\Error_Handler' ) ) {
			new Broken_Token_XmlRpc();
		}
	} else {
		add_action( 'admin_notices', 'broken_token_jetpack_not_active' );
	}
}

/**
 * Notice for if Jetpack is not active.
 */
function broken_token_jetpack_not_active() {
	echo '<div class="notice info"><p>Jetpack Debug tools: Jetpack_Options package must be present for the Broken Token to work.</p></div>';
}

// phpcs:enable


1		<?php // phpcs:disable WordPress.PHP.DevelopmentFunctions.error_log_print_r
2		/**
3		* Plugin Name: Broken Token
4		* Description: Give me a Jetpack connection, and I'll break it every way possible.
5		* Author: Bestpack
6		* Version: 1.0
7		* Text Domain: jetpack
8		*
9		* @package automattic/jetpack-debug-helper
10		*/
11
12		/**
13		* Require the XMLRPC functionality.
14		*/
15		require 'inc/class-broken-token-xmlrpc.php';
16
17		/**
18		* Class Broken_Token
19		*/
20		class Broken_Token {
21		/**
22		* Notice type.
23		*
24		* @var mixed\|string
25		*/
26		public $notice_type = '';
27
28		/**
29		* Blog token.
30		*
31		* @var bool\|mixed
32		*/
33		public $blog_token;
34
35		/**
36		* User token.
37		*
38		* @var bool\|mixed
39		*/
40		public $user_tokens;
41
42		/**
43		* Jetpack Primary User.
44		*
45		* @var bool\|mixed
46		*/
47		public $master_user;
48
49		/**
50		* Site ID.
51		*
52		* @var bool\|mixed
53		*/
54		public $id;
55
56		/**
57		* Whether the user has agreed to the TOS.
58		*
59		* @var bool
60		*/
61		public $tos_agreed;
62
63		/**
64		* Options.
65		*/
66		const STORED_OPTIONS_KEY = 'broken_token_stored_options';
67
68		/**
69		* Token name.
70		*
71		* @var string
72		*/
73		public $invalid_blog_token = 'broken.token';
74
75		/**
76		* User token name.
77		*
78		* @var string
79		*/
80		public $invalid_user_token = 'broken.token.%d';
81
82		/**
83		* Broken_Token constructor.
84		*/
85		public function __construct() {
86		add_action( 'admin_menu', array( $this, 'broken_token_register_submenu_page' ), 1000 );
87
88		add_action( 'admin_enqueue_scripts', array( $this, 'enqueue_scripts' ) );
89
90		// Stored options.
91		add_action( 'admin_post_clear_stored_options', array( $this, 'admin_post_clear_stored_options' ) );
92		add_action( 'admin_post_store_current_options', array( $this, 'admin_post_store_current_options' ) );
93		add_action( 'admin_post_restore_from_stored_options', array( $this, 'admin_post_restore_from_stored_options' ) );
94		add_action( 'admin_post_clear_tos', array( $this, 'admin_post_clear_tos' ) );
95
96		// Break stuff.
97		add_action( 'admin_post_set_invalid_blog_token', array( $this, 'admin_post_set_invalid_blog_token' ) );
98		add_action( 'admin_post_set_invalid_user_tokens', array( $this, 'admin_post_set_invalid_user_tokens' ) );
99		add_action( 'admin_post_set_invalid_current_user_token', array( $this, 'admin_post_set_invalid_current_user_token' ) );
100		add_action( 'admin_post_clear_blog_token', array( $this, 'admin_post_clear_blog_token' ) );
101		add_action( 'admin_post_clear_current_user_token', array( $this, 'admin_post_clear_current_user_token' ) );
102		add_action( 'admin_post_clear_user_tokens', array( $this, 'admin_post_clear_user_tokens' ) );
103		add_action( 'admin_post_randomize_master_user', array( $this, 'admin_post_randomize_master_user' ) );
104		add_action( 'admin_post_randomize_master_user_and_token', array( $this, 'admin_post_randomize_master_user_and_token' ) );
105		add_action( 'admin_post_clear_master_user', array( $this, 'admin_post_clear_master_user' ) );
106		add_action( 'admin_post_randomize_blog_id', array( $this, 'admin_post_randomize_blog_id' ) );
107		add_action( 'admin_post_clear_blog_id', array( $this, 'admin_post_clear_blog_id' ) );
108
109		$this->blog_token = Jetpack_Options::get_option( 'blog_token' );
110		$this->user_tokens = Jetpack_Options::get_option( 'user_tokens' );
111		$this->master_user = Jetpack_Options::get_option( 'master_user' );
112		$this->id = Jetpack_Options::get_option( 'id' );
113		$this->tos_agreed = Jetpack_Options::get_option( 'tos_agreed' );
114
115		if ( isset( $_GET['notice'] ) && check_admin_referer( 'jetpack_debug_broken_token_admin_notice', 'nonce' ) ) {
116		$this->notice_type = $_GET['notice'];
117		add_action( 'admin_notices', array( $this, 'render_admin_notice' ) );
118		}
119		}
120
121		/**
122		* Enqueue scripts.
123		*
124		* @param string $hook Called hook.
125		*/
126		public function enqueue_scripts( $hook ) {
127		if ( strpos( $hook, 'jetpack_page_broken-token' ) === 0 ) {
128		wp_enqueue_style( 'broken_token_style', plugin_dir_url( __FILE__ ) . '/css/style.css', array(), JETPACK_DEBUG_HELPER_VERSION );
129		}
130		}
131
132		/**
133		* Register's submenu.
134		*/
135		public function broken_token_register_submenu_page() {
136		add_submenu_page(
137		'jetpack-debug-tools',
138		'Broken Token',
139		'Broken Token',
140		'manage_options',
141		'broken-token',
142		array( $this, 'render_ui' ),
143		99
144		);
145		}
146
147		/**
148		* Render UI.
149		*/
150		public function render_ui() {
151		$stored_options = $this->get_stored_connection_options();
152		?>
153		<h1>Broken Token 😱!</h1>
154		<p>This plugin will help you break the Jetpack connection in various ways.</p>
155		<p>All instances of breaking only involve modifying the local DB options. Nothing done here will alter tokens stored in wp.com</p>
156		<hr>
157
158		<h2>Current token options being used by Jetpack:</h2>
159		<p>Blog Token: <?php echo esc_html( $this->blog_token ); ?></p>
160		<p>User Tokens: <?php print_r( $this->user_tokens ); ?></p>
161		<p>Primary User: <?php echo esc_html( $this->master_user ); ?></p>
162		<p>Blog ID: <?php echo esc_html( $this->id ); ?></p>
163
164		<?php
165		if ( $this->tos_agreed ) {
166		?>
167		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
168		<p>TOS Accepted: ✅
169		<input type="hidden" name="action" value="clear_tos">
170		<?php wp_nonce_field( 'clear-tos' ); ?>
171		<input type="submit" value="Clear" class="button button-secondary button-small">
172		</p>
173		</form>
174		<?php
175		} else {
176		?>
177		<p>TOS Accepted: ❌</p>
178		<?php
179		}
180		?>
181
182		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
183		<input type="hidden" name="action" value="store_current_options">
184		<?php wp_nonce_field( 'store-current-options' ); ?>
185		<input type="submit" value="Store these options" class="button button-primary">
186		</form>
187		<br>
188		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
189		<input type="hidden" name="action" value="restore_from_stored_options">
190		<?php wp_nonce_field( 'restore-stored-options' ); ?>
191		<input type="submit" value="Restore from stored options" class="button button-primary <?php echo empty( $stored_options ) ? 'disabled' : ''; ?>">
192		</form>
193
194		<?php
195		echo '<h2>Stored connection options.</h2>';
196		echo '<p>Might be useful to store valid connection options before breaking it, so you can restore later.</p>';
197		if ( empty( $stored_options ) ) {
198		echo '<p>No connection options are currently stored!</p>';
199		} else {
200		echo '<pre>';
201		print_r( $stored_options );
202		echo '</pre>';
203		}
204		?>
205		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
206		<input type="hidden" name="action" value="clear_stored_options">
207		<?php wp_nonce_field( 'clear-stored-options' ); ?>
208		<input type="submit" value="Clear stored options" class="button button-primary <?php echo empty( $stored_options ) ? 'disabled' : ''; ?>">
209		</form>
210
211		<hr>
212
213		<h2>Break some stuff:</h2>
214		<p><strong>Break the blog token:</strong></p>
215		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
216		<input type="hidden" name="action" value="set_invalid_blog_token">
217		<?php wp_nonce_field( 'set-invalid-blog-token' ); ?>
218		<input type="submit" value="Set invalid blog token" class="button button-primary button-break-it">
219		</form>
220		<br>
221		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
222		<input type="hidden" name="action" value="clear_blog_token">
223		<?php wp_nonce_field( 'clear-blog-token' ); ?>
224		<input type="submit" value="Clear blog token" class="button button-primary button-break-it">
225		</form>
226
227		<p><strong>Break the user tokens:</strong></p>
228		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
229		<input type="hidden" name="action" value="clear_user_tokens">
230		<?php wp_nonce_field( 'clear-user-tokens' ); ?>
231		<input type="submit" value="Clear user tokens" class="button button-primary button-break-it">
232		</form>
233		<br>
234		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
235		<input type="hidden" name="action" value="set_invalid_user_tokens">
236		<?php wp_nonce_field( 'set-invalid-user-tokens' ); ?>
237		<input type="submit" value="Set invalid user tokens" class="button button-primary button-break-it">
238		</form>
239		<br>
240		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
241		<input type="hidden" name="action" value="clear_current_user_token">
242		<?php wp_nonce_field( 'clear-current-user-token' ); ?>
243		<input type="submit" value="Clear user token (current user)" class="button button-primary button-break-it">
244		</form>
245		<br>
246		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
247		<input type="hidden" name="action" value="set_invalid_current_user_token">
248		<?php wp_nonce_field( 'set-invalid-current-user-token' ); ?>
249		<input type="submit" value="Set invalid user token (current user)" class="button button-primary button-break-it">
250		</form>
251
252		<p><strong>Break the Primary User:</strong></p>
253		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
254		<input type="hidden" name="action" value="randomize_master_user">
255		<?php wp_nonce_field( 'randomize-master-user' ); ?>
256		<input type="submit" value="Randomize Primary User ID" class="button button-primary button-break-it">
257		</form>
258		<br>
259		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
260		<input type="hidden" name="action" value="randomize_master_user_and_token">
261		<?php wp_nonce_field( 'randomize-master-user-and-token' ); ?>
262		<input type="submit" value="Randomize Primary User ID and move the user token together" class="button button-primary button-break-it">
263		</form>
264		<br>
265		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
266		<input type="hidden" name="action" value="clear_master_user">
267		<?php wp_nonce_field( 'clear-master-user' ); ?>
268		<input type="submit" value="Clear the Primary User" class="button button-primary button-break-it">
269		</form>
270
271		<p><strong>Break the blog ID:</strong></p>
272		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
273		<input type="hidden" name="action" value="randomize_blog_id">
274		<?php wp_nonce_field( 'randomize-blog-id' ); ?>
275		<input type="submit" value="Randomize Blog ID" class="button button-primary button-break-it">
276		</form>
277		<br>
278		<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" method="post">
279		<input type="hidden" name="action" value="clear_blog_id">
280		<?php wp_nonce_field( 'clear-blog-id' ); ?>
281		<input type="submit" value="Clear the Blog ID" class="button button-primary button-break-it">
282		</form>
283		<?php
284		}
285
286		/**
287		* Store options.
288		*/
289		public function admin_post_store_current_options() {
290		check_admin_referer( 'store-current-options' );
291		$this->notice_type = 'store-options';
292		$this->store_current_options();
293
294		$this->admin_post_redirect_referrer();
295		}
296
297		/**
298		* Clear options.
299		*/
300		public function admin_post_clear_stored_options() {
301		check_admin_referer( 'clear-stored-options' );
302		$this->clear_stored_options();
303
304		$this->admin_post_redirect_referrer();
305		}
306
307		/**
308		* Restore from options.
309		*/
310		public function admin_post_restore_from_stored_options() {
311		check_admin_referer( 'restore-stored-options' );
312		$this->notice_type = 'restore-options';
313		foreach ( $this->get_stored_connection_options() as $key => $value ) {
314		if ( empty( $value ) ) {
315		if ( 'tos_agreed' === $key ) {
316		Jetpack_Options::delete_option( 'tos_agreed' );
317		}
318
319		continue;
320		}
321		Jetpack_Options::update_option( $key, $value );
322		}
323
324		$this->admin_post_redirect_referrer();
325		}
326
327		/**
328		* Set invalid blog token.
329		*/
330		public function admin_post_set_invalid_blog_token() {
331		check_admin_referer( 'set-invalid-blog-token' );
332		$this->notice_type = 'jetpack-broken';
333		Jetpack_Options::update_option( 'blog_token', $this->invalid_blog_token );
334
335		$this->admin_post_redirect_referrer();
336		}
337
338		/**
339		* Set invalid user token.
340		*/
341	View Code Duplication	public function admin_post_set_invalid_user_tokens() {
342		check_admin_referer( 'set-invalid-user-tokens' );
343		$this->notice_type = 'jetpack-broken';
344
345		$new_tokens = array();
346
347		foreach ( Jetpack_Options::get_option( 'user_tokens' ) as $id => $token ) {
348		$new_tokens[ $id ] = sprintf( $this->invalid_user_token, $id );
349		}
350
351		Jetpack_Options::update_option( 'user_tokens', $new_tokens );
352
353		$this->admin_post_redirect_referrer();
354		}
355
356		/**
357		* Set invalid current user token.
358		*/
359	View Code Duplication	public function admin_post_set_invalid_current_user_token() {
360		check_admin_referer( 'set-invalid-current-user-token' );
361		$this->notice_type = 'jetpack-broken';
362
363		$tokens = Jetpack_Options::get_option( 'user_tokens' );
364
365		$id = get_current_user_id();
366		$tokens[ $id ] = sprintf( $this->invalid_user_token, $id );
367
368		Jetpack_Options::update_option( 'user_tokens', $tokens );
369
370		$this->admin_post_redirect_referrer();
371		}
372
373		/**
374		* Clear blog token.
375		*/
376		public function admin_post_clear_blog_token() {
377		check_admin_referer( 'clear-blog-token' );
378		$this->notice_type = 'jetpack-broken';
379		Jetpack_Options::delete_option( 'blog_token' );
380		$this->admin_post_redirect_referrer();
381		}
382
383		/**
384		* Clear user token.
385		*/
386		public function admin_post_clear_user_tokens() {
387		check_admin_referer( 'clear-user-tokens' );
388		$this->notice_type = 'jetpack-broken';
389		Jetpack_Options::delete_option( 'user_tokens' );
390		$this->admin_post_redirect_referrer();
391		}
392
393		/**
394		* Clear current user token.
395		*/
396		public function admin_post_clear_current_user_token() {
397		check_admin_referer( 'clear-current-user-token' );
398		$this->notice_type = 'jetpack-broken';
399
400		$tokens = Jetpack_Options::get_option( 'user_tokens' );
401
402		$id = get_current_user_id();
403		if ( isset( $tokens[ $id ] ) ) {
404		unset( $tokens[ $id ] );
405		}
406
407		Jetpack_Options::update_option( 'user_tokens', $tokens );
408
409		$this->admin_post_redirect_referrer();
410		}
411
412		/**
413		* Randomize master user.
414		*/
415		public function admin_post_randomize_master_user() {
416		check_admin_referer( 'randomize-master-user' );
417		$this->notice_type = 'jetpack-broken';
418		$current_id = Jetpack_Options::get_option( 'master_user' );
419		Jetpack_Options::update_option( 'master_user', wp_rand( $current_id + 1, $current_id + 100 ) );
420		$this->admin_post_redirect_referrer();
421		}
422
423		/**
424		* Randomize master user and its token.
425		*/
426		public function admin_post_randomize_master_user_and_token() {
427		check_admin_referer( 'randomize-master-user-and-token' );
428		$this->notice_type = 'jetpack-broken';
429		$current_id = Jetpack_Options::get_option( 'master_user' );
430		$random_id = wp_rand( $current_id + 1, $current_id + 100 );
431		Jetpack_Options::update_option( 'master_user', $random_id );
432		$user_tokens = Jetpack_Options::get_option( 'user_tokens', array() );
433		if ( isset( $user_tokens[ $current_id ] ) ) {
434		$user_tokens[ $random_id ] = substr( $user_tokens[ $current_id ], 0, strrpos( $user_tokens[ $current_id ], '.' ) ) . ".$random_id";
435		unset( $user_tokens[ $current_id ] );
436		}
437		Jetpack_Options::update_option( 'user_tokens', $user_tokens );
438		$this->admin_post_redirect_referrer();
439		}
440
441		/**
442		* Clear master user.
443		*/
444		public function admin_post_clear_master_user() {
445		check_admin_referer( 'clear-master-user' );
446		$this->notice_type = 'jetpack-broken';
447		Jetpack_Options::delete_option( 'master_user' );
448		$this->admin_post_redirect_referrer();
449		}
450
451		/**
452		* Randomize blog ID.
453		*/
454		public function admin_post_randomize_blog_id() {
455		check_admin_referer( 'randomize-blog-id' );
456		$this->notice_type = 'jetpack-broken';
457		Jetpack_Options::update_option( 'id', wp_rand( 100, 10000 ) );
458		$this->admin_post_redirect_referrer();
459		}
460
461		/**
462		* Clear blog ID.
463		*/
464		public function admin_post_clear_blog_id() {
465		check_admin_referer( 'clear-blog-id' );
466		$this->notice_type = 'jetpack-broken';
467		Jetpack_Options::delete_option( 'id' );
468		$this->admin_post_redirect_referrer();
469		}
470
471		/**
472		* Stores a backup of the current Jetpack connection options.
473		*/
474		public function store_current_options() {
475		update_option(
476		self::STORED_OPTIONS_KEY,
477		array(
478		'blog_token' => $this->blog_token,
479		'user_tokens' => $this->user_tokens,
480		'master_user' => $this->master_user,
481		'id' => $this->id,
482		'tos_agreed' => $this->tos_agreed,
483		)
484		);
485		}
486
487		/**
488		* Retrieves the stored connection options.
489		*
490		* @return array
491		*/
492		public function get_stored_connection_options() {
493		return get_option( self::STORED_OPTIONS_KEY );
494		}
495
496		/**
497		* Clears all stored connection option values.
498		*/
499		public function clear_stored_options() {
500		delete_option( self::STORED_OPTIONS_KEY );
501		}
502
503		/**
504		* Just redirects back to the referrer. Keeping it DRY.
505		*/
506		public function admin_post_redirect_referrer() {
507		if ( wp_get_referer() ) {
508		wp_safe_redirect(
509		add_query_arg(
510		array(
511		'notice' => $this->notice_type,
512		'nonce' => wp_create_nonce( 'jetpack_debug_broken_token_admin_notice' ),
513		),
514		wp_get_referer()
515		)
516		);
517		} else {
518		wp_safe_redirect( get_home_url() );
519		}
520		}
521
522		/**
523		* Displays an admin notice...
524		*/
525		public function render_admin_notice() {
526		switch ( $this->notice_type ) {
527		case 'jetpack-broken':
528		$message = 'Nice! You broke Jetpack!';
529		break;
530		case 'store-options':
531		$message = 'Success! Backup of the connection options stored safely.';
532		break;
533		case 'restore-options':
534		$message = 'Success! You\'ve restored the connection options. I hope things are working well now.';
535		break;
536		case 'clear-tos':
537		$message = 'You cleared the TOS option! Nicely done!';
538		break;
539		default:
540		$message = 'Setting saved!';
541		break;
542		}
543
544		printf( '<div class="notice notice-success"><p>%s</p></div>', esc_html( $message ) );
545		}
546
547		/**
548		* Clear TOS action.
549		*/
550		public function admin_post_clear_tos() {
551		check_admin_referer( 'clear-tos' );
552		$this->notice_type = 'clear-tos';
553		$this->clear_tos();
554
555		$this->admin_post_redirect_referrer();
556		}
557
558		/**
559		* Clear the TOS option.
560		*/
561		public function clear_tos() {
562		Jetpack_Options::delete_option( 'tos_agreed' );
563		}
564		}
565
566		add_action( 'plugins_loaded', 'register_broken_token', 1000 );
567
568		/**
569		* Load the brokenness.
570		*/
571		function register_broken_token() {
572		if ( class_exists( 'Jetpack_Options' ) ) {
573		new Broken_Token();
574		if ( class_exists( 'Automattic\Jetpack\Connection\Error_Handler' ) ) {
575		new Broken_Token_XmlRpc();
576		}
577		} else {
578		add_action( 'admin_notices', 'broken_token_jetpack_not_active' );
579		}
580		}
581
582		/**
583		* Notice for if Jetpack is not active.
584		*/
585		function broken_token_jetpack_not_active() {
586		echo '<div class="notice info"><p>Jetpack Debug tools: Jetpack_Options package must be present for the Broken Token to work.</p></div>';
587		}
588
589		// phpcs:enable
590

Automattic / jetpack