Jetpack_XMLRPC_Methods::jetpack_xmlrpc_server_event() - Code Metrics - Inspection of "Merge branch 'update/remove_onboarding_token_from_..." - Automattic/jetpack - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — update/remove_onboarding_token... ( 47988c...bda1da )

unknown

created 2021-05-13 15:21 UTC

jetpack_xmlrpc_server_event() A

↳ Parent: Jetpack_XMLRPC_Methods

Complexity

Conditions	3
Paths	2

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	3
nc	2
nop	4
dl	0
loc	5
rs	10
c	0
b	0
f	0

<?php
/**
 * Jetpack XMLRPC Methods.
 *
 * Registers the Jetpack specific XMLRPC methods
 *
 * @package jetpack
 */

use Automattic\Jetpack\Connection\Manager as Connection_Manager;
use Automattic\Jetpack\Connection\Tokens;

/**
 * XMLRPC Methods registration and callbacks
 */
class Jetpack_XMLRPC_Methods {

	/**
	 * Initialize the main hooks.
	 */
	public static function init() {
		add_filter( 'jetpack_xmlrpc_unauthenticated_methods', array( __CLASS__, 'xmlrpc_methods' ) );
		add_filter( 'jetpack_xmlrpc_test_connection_response', array( __CLASS__, 'test_connection' ) );
		add_filter( 'jetpack_remote_xmlrpc_provision_response', array( __CLASS__, 'remote_provision_response' ), 10, 2 );
		add_action( 'jetpack_xmlrpc_server_event', array( __CLASS__, 'jetpack_xmlrpc_server_event' ), 10, 4 );
		add_action( 'jetpack_remote_connect_end', array( __CLASS__, 'remote_connect_end' ) );
	}

	/**
	 * Adds Jetpack specific methods to the methods added by the Connection package.
	 *
	 * @param array $methods Methods added by the Connection package.
	 */
	public static function xmlrpc_methods( $methods ) {

		$methods['jetpack.featuresAvailable'] = array( __CLASS__, 'features_available' );
		$methods['jetpack.featuresEnabled']   = array( __CLASS__, 'features_enabled' );
		$methods['jetpack.disconnectBlog']    = array( __CLASS__, 'disconnect_blog' );
		$methods['jetpack.jsonAPI']           = array( __CLASS__, 'json_api' );

		return $methods;
	}

	/**
	 * Returns what features are available. Uses the slug of the module files.
	 *
	 * @return array
	 */
	public static function features_available() {
		$raw_modules = Jetpack::get_available_modules();
		$modules     = array();
		foreach ( $raw_modules as $module ) {
			$modules[] = Jetpack::get_module_slug( $module );
		}

		return $modules;
	}

	/**
	 * Returns what features are enabled. Uses the slug of the modules files.
	 *
	 * @return array
	 */
	public static function features_enabled() {
		$raw_modules = Jetpack::get_active_modules();
		$modules     = array();
		foreach ( $raw_modules as $module ) {
			$modules[] = Jetpack::get_module_slug( $module );
		}

		return $modules;
	}

	/**
	 * Filters the result of test_connection XMLRPC method
	 *
	 * @return string The current Jetpack version number
	 */
	public static function test_connection() {
		return JETPACK__VERSION;
	}

	/**
	 * Disconnect this blog from the connected wordpress.com account
	 *
	 * @return boolean
	 */
	public static function disconnect_blog() {

		/**
		 * Fired when we want to log an event to the Jetpack event log.
		 *
		 * @since 7.7.0
		 *
		 * @param string $code Unique name for the event.
		 * @param string $data Optional data about the event.
		 */
		do_action( 'jetpack_event_log', 'disconnect' );
		Jetpack::disconnect();

		return true;
	}

	/**
	 * Serve a JSON API request.
	 *
	 * @param array $args request arguments.
	 */
	public static function json_api( $args = array() ) {
		$json_api_args        = $args[0];
		$verify_api_user_args = $args[1];

		$method       = (string) $json_api_args[0];
		$url          = (string) $json_api_args[1];
		$post_body    = is_null( $json_api_args[2] ) ? null : (string) $json_api_args[2];
		$user_details = (array) $json_api_args[4];
		$locale       = (string) $json_api_args[5];

		if ( ! $verify_api_user_args ) {
			$user_id = 0;
		} elseif ( 'internal' === $verify_api_user_args[0] ) {
			$user_id = (int) $verify_api_user_args[1];
			if ( $user_id ) {
				$user = get_user_by( 'id', $user_id );
				if ( ! $user || is_wp_error( $user ) ) {
					return false;
				}
			}
		} else {
			$user_id = call_user_func( array( new Jetpack_XMLRPC_Server(), 'test_api_user_code' ), $verify_api_user_args );
			if ( ! $user_id ) {
				return false;
			}
		}

		if ( 'en' !== $locale ) {
			// .org mo files are named slightly different from .com, and all we have is this the locale -- try to guess them.
			$new_locale = $locale;
			if ( strpos( $locale, '-' ) !== false ) {
				$locale_pieces = explode( '-', $locale );
				$new_locale    = $locale_pieces[0];
				$new_locale   .= ( ! empty( $locale_pieces[1] ) ) ? '_' . strtoupper( $locale_pieces[1] ) : '';
			} else {
				// .com might pass 'fr' because thats what our language files are named as, where core seems
				// to do fr_FR - so try that if we don't think we can load the file.
				if ( ! file_exists( WP_LANG_DIR . '/' . $locale . '.mo' ) ) {
					$new_locale = $locale . '_' . strtoupper( $locale );
				}
			}

			if ( file_exists( WP_LANG_DIR . '/' . $new_locale . '.mo' ) ) {
				unload_textdomain( 'default' );
				load_textdomain( 'default', WP_LANG_DIR . '/' . $new_locale . '.mo' );
			}
		}

		$old_user = wp_get_current_user();
		wp_set_current_user( $user_id );

		if ( $user_id ) {
			$token_key = false;
		} else {
			$verified  = ( new Connection_Manager() )->verify_xml_rpc_signature();
			$token_key = $verified['token_key'];
		}

		$token = ( new Tokens() )->get_access_token( $user_id, $token_key );
		if ( ! $token || is_wp_error( $token ) ) {
			return false;
		}

		define( 'REST_API_REQUEST', true );
		define( 'WPCOM_JSON_API__BASE', 'public-api.wordpress.com/rest/v1' );

		// needed?
		require_once ABSPATH . 'wp-admin/includes/admin.php';

		require_once JETPACK__PLUGIN_DIR . 'class.json-api.php';
		$api                        = WPCOM_JSON_API::init( $method, $url, $post_body );
		$api->token_details['user'] = $user_details;
		require_once JETPACK__PLUGIN_DIR . 'class.json-api-endpoints.php';

		$display_errors = ini_set( 'display_errors', 0 ); // phpcs:ignore WordPress.PHP.IniSet
		ob_start();
		$api->serve( false );
		$output = ob_get_clean();
		ini_set( 'display_errors', $display_errors ); // phpcs:ignore WordPress.PHP.IniSet

		$nonce = wp_generate_password( 10, false );
		$hmac  = hash_hmac( 'md5', $nonce . $output, $token->secret );

		wp_set_current_user( isset( $old_user->ID ) ? $old_user->ID : 0 );

		return array(
			(string) $output,
			(string) $nonce,
			(string) $hmac,
		);
	}

	/**
	 * Filters the response of the remote_provision XMLRPC method
	 *
	 * @param array $response The response.
	 * @param array $request An array containing at minimum a nonce key and a local_username key.
	 *
	 * @since 9.8.0
	 * @return array
	 */
	public static function remote_provision_response( $response, $request ) {
		if ( ! empty( $request['onboarding'] ) ) {
			Jetpack::create_onboarding_token();
			$response['onboarding_token'] = Jetpack_Options::get_option( 'onboarding' );
		}
		return $response;
	}

	/**
	 * Runs Jetpack specific action in xmlrpc server events
	 *
	 * @param String  $action the action name, i.e., 'remote_authorize'.
	 * @param String  $stage  the execution stage, can be 'begin', 'success', 'error', etc.
	 * @param array   $parameters extra parameters from the event.
	 * @param WP_User $user the acting user.

	 * @return void
	 */
	public static function jetpack_xmlrpc_server_event( $action, $stage, $parameters = array(), $user = null ) { //phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable
		if ( 'remote_register' === $action && 'begin' === $stage ) {
			Jetpack::maybe_set_version_option();
		}
	}

	/**
	 * Hooks into the remote_connect XMLRPC endpoint and triggers Jetpack::handle_post_authorization_actions
	 *
	 * @since 9.8.0
	 * @return void
	 */
	public static function remote_connect_end() {
		/** This filter is documented in class.jetpack-cli.php */
		$enable_sso = apply_filters( 'jetpack_start_enable_sso', true );
		Jetpack::handle_post_authorization_actions( $enable_sso, false, false );
	}
}


1		<?php
2		/**
3		* Jetpack XMLRPC Methods.
4		*
5		* Registers the Jetpack specific XMLRPC methods
6		*
7		* @package jetpack
8		*/
9
10		use Automattic\Jetpack\Connection\Manager as Connection_Manager;
11		use Automattic\Jetpack\Connection\Tokens;
12
13		/**
14		* XMLRPC Methods registration and callbacks
15		*/
16		class Jetpack_XMLRPC_Methods {
17
18		/**
19		* Initialize the main hooks.
20		*/
21		public static function init() {
22		add_filter( 'jetpack_xmlrpc_unauthenticated_methods', array( __CLASS__, 'xmlrpc_methods' ) );
23		add_filter( 'jetpack_xmlrpc_test_connection_response', array( __CLASS__, 'test_connection' ) );
24		add_filter( 'jetpack_remote_xmlrpc_provision_response', array( __CLASS__, 'remote_provision_response' ), 10, 2 );
25		add_action( 'jetpack_xmlrpc_server_event', array( __CLASS__, 'jetpack_xmlrpc_server_event' ), 10, 4 );
26		add_action( 'jetpack_remote_connect_end', array( __CLASS__, 'remote_connect_end' ) );
27		}
28
29		/**
30		* Adds Jetpack specific methods to the methods added by the Connection package.
31		*
32		* @param array $methods Methods added by the Connection package.
33		*/
34		public static function xmlrpc_methods( $methods ) {
35
36		$methods['jetpack.featuresAvailable'] = array( __CLASS__, 'features_available' );
37		$methods['jetpack.featuresEnabled'] = array( __CLASS__, 'features_enabled' );
38		$methods['jetpack.disconnectBlog'] = array( __CLASS__, 'disconnect_blog' );
39		$methods['jetpack.jsonAPI'] = array( __CLASS__, 'json_api' );
40
41		return $methods;
42		}
43
44		/**
45		* Returns what features are available. Uses the slug of the module files.
46		*
47		* @return array
48		*/
49	View Code Duplication	public static function features_available() {
50		$raw_modules = Jetpack::get_available_modules();
51		$modules = array();
52		foreach ( $raw_modules as $module ) {
53		$modules[] = Jetpack::get_module_slug( $module );
54		}
55
56		return $modules;
57		}
58
59		/**
60		* Returns what features are enabled. Uses the slug of the modules files.
61		*
62		* @return array
63		*/
64	View Code Duplication	public static function features_enabled() {
65		$raw_modules = Jetpack::get_active_modules();
66		$modules = array();
67		foreach ( $raw_modules as $module ) {
68		$modules[] = Jetpack::get_module_slug( $module );
69		}
70
71		return $modules;
72		}
73
74		/**
75		* Filters the result of test_connection XMLRPC method
76		*
77		* @return string The current Jetpack version number
78		*/
79		public static function test_connection() {
80		return JETPACK__VERSION;
81		}
82
83		/**
84		* Disconnect this blog from the connected wordpress.com account
85		*
86		* @return boolean
87		*/
88		public static function disconnect_blog() {
89
90		/**
91		* Fired when we want to log an event to the Jetpack event log.
92		*
93		* @since 7.7.0
94		*
95		* @param string $code Unique name for the event.
96		* @param string $data Optional data about the event.
97		*/
98		do_action( 'jetpack_event_log', 'disconnect' );
99		Jetpack::disconnect();
100
101		return true;
102		}
103
104		/**
105		* Serve a JSON API request.
106		*
107		* @param array $args request arguments.
108		*/
109		public static function json_api( $args = array() ) {
110		$json_api_args = $args[0];
111		$verify_api_user_args = $args[1];
112
113		$method = (string) $json_api_args[0];
114		$url = (string) $json_api_args[1];
115		$post_body = is_null( $json_api_args[2] ) ? null : (string) $json_api_args[2];
116		$user_details = (array) $json_api_args[4];
117		$locale = (string) $json_api_args[5];
118
119		if ( ! $verify_api_user_args ) {
120		$user_id = 0;
121		} elseif ( 'internal' === $verify_api_user_args[0] ) {
122		$user_id = (int) $verify_api_user_args[1];
123		if ( $user_id ) {
124		$user = get_user_by( 'id', $user_id );
125		if ( ! $user \|\| is_wp_error( $user ) ) {
126		return false;
127		}
128		}
129		} else {
130		$user_id = call_user_func( array( new Jetpack_XMLRPC_Server(), 'test_api_user_code' ), $verify_api_user_args );
131		if ( ! $user_id ) {
132		return false;
133		}
134		}
135
136		if ( 'en' !== $locale ) {
137		// .org mo files are named slightly different from .com, and all we have is this the locale -- try to guess them.
138		$new_locale = $locale;
139		if ( strpos( $locale, '-' ) !== false ) {
140		$locale_pieces = explode( '-', $locale );
141		$new_locale = $locale_pieces[0];
142		$new_locale .= ( ! empty( $locale_pieces[1] ) ) ? '_' . strtoupper( $locale_pieces[1] ) : '';
143		} else {
144		// .com might pass 'fr' because thats what our language files are named as, where core seems
145		// to do fr_FR - so try that if we don't think we can load the file.
146		if ( ! file_exists( WP_LANG_DIR . '/' . $locale . '.mo' ) ) {
147		$new_locale = $locale . '_' . strtoupper( $locale );
148		}
149		}
150
151		if ( file_exists( WP_LANG_DIR . '/' . $new_locale . '.mo' ) ) {
152		unload_textdomain( 'default' );
153		load_textdomain( 'default', WP_LANG_DIR . '/' . $new_locale . '.mo' );
154		}
155		}
156
157		$old_user = wp_get_current_user();
158		wp_set_current_user( $user_id );
159
160		if ( $user_id ) {
161		$token_key = false;
162		} else {
163		$verified = ( new Connection_Manager() )->verify_xml_rpc_signature();
164		$token_key = $verified['token_key'];
165		}
166
167		$token = ( new Tokens() )->get_access_token( $user_id, $token_key );
168		if ( ! $token \|\| is_wp_error( $token ) ) {
169		return false;
170		}
171
172		define( 'REST_API_REQUEST', true );
173		define( 'WPCOM_JSON_API__BASE', 'public-api.wordpress.com/rest/v1' );
174
175		// needed?
176		require_once ABSPATH . 'wp-admin/includes/admin.php';
177
178		require_once JETPACK__PLUGIN_DIR . 'class.json-api.php';
179		$api = WPCOM_JSON_API::init( $method, $url, $post_body );
180		$api->token_details['user'] = $user_details;
181		require_once JETPACK__PLUGIN_DIR . 'class.json-api-endpoints.php';
182
183		$display_errors = ini_set( 'display_errors', 0 ); // phpcs:ignore WordPress.PHP.IniSet
184		ob_start();
185		$api->serve( false );
186		$output = ob_get_clean();
187		ini_set( 'display_errors', $display_errors ); // phpcs:ignore WordPress.PHP.IniSet
188
189		$nonce = wp_generate_password( 10, false );
190		$hmac = hash_hmac( 'md5', $nonce . $output, $token->secret );
191
192		wp_set_current_user( isset( $old_user->ID ) ? $old_user->ID : 0 );
193
194		return array(
195		(string) $output,
196		(string) $nonce,
197		(string) $hmac,
198		);
199		}
200
201		/**
202		* Filters the response of the remote_provision XMLRPC method
203		*
204		* @param array $response The response.
205		* @param array $request An array containing at minimum a nonce key and a local_username key.
206		*
207		* @since 9.8.0
208		* @return array
209		*/
210		public static function remote_provision_response( $response, $request ) {
211		if ( ! empty( $request['onboarding'] ) ) {
212		Jetpack::create_onboarding_token();
213		$response['onboarding_token'] = Jetpack_Options::get_option( 'onboarding' );
214		}
215		return $response;
216		}
217
218		/**
219		* Runs Jetpack specific action in xmlrpc server events
220		*
221		* @param String $action the action name, i.e., 'remote_authorize'.
222		* @param String $stage the execution stage, can be 'begin', 'success', 'error', etc.
223		* @param array $parameters extra parameters from the event.
224		* @param WP_User $user the acting user.
		0 ignored issues – show Documentation introduced 2021-04-29 03:17 UTC by Report Bug Copy Issue Report Should the type for parameter `$user` not be `WP_User\|null`? This check looks for `@param` annotations where the type inferred by our type inference engine differs from the declared type. It makes a suggestion as to what type it considers more descriptive. Most often this is a case of a parameter that can be null in addition to its declared types. Loading history...
225		* @return void
226		*/
227		public static function jetpack_xmlrpc_server_event( $action, $stage, $parameters = array(), $user = null ) { //phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable
228		if ( 'remote_register' === $action && 'begin' === $stage ) {
229		Jetpack::maybe_set_version_option();
230		}
231		}
232
233		/**
234		* Hooks into the remote_connect XMLRPC endpoint and triggers Jetpack::handle_post_authorization_actions
235		*
236		* @since 9.8.0
237		* @return void
238		*/
239		public static function remote_connect_end() {
240		/** This filter is documented in class.jetpack-cli.php */
241		$enable_sso = apply_filters( 'jetpack_start_enable_sso', true );
242		Jetpack::handle_post_authorization_actions( $enable_sso, false, false );
243		}
244		}
245

Automattic / jetpack

Push — update/remove_onboarding_token... ( 47988c...bda1da )

jetpack_xmlrpc_server_event() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like