NotificationsController::rest_api_adyen_permissions_check() - Code Metrics - wp-pay-gateways/adyen - Measure and Improve Code Quality continuously with Scrutinizer

rest_api_adyen_permissions_check() A
last analyzed 2021-01-14 09:13 UTC

↳ Parent: NotificationsController

Complexity

Conditions	5
Paths	4

Size

Total Lines	39
Code Lines	18

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	13
CRAP Score	5.7873

Importance

Changes	3
Bugs	0	Features	0

Metric	Value
cc	5
eloc	18
c	3
b	0
f	0
nc	4
nop	1
dl	0
loc	39
ccs	13
cts	19
cp	0.6842
crap	5.7873
rs	9.3554

<?php
/**
 * Notifications controller
 *
 * @author    Pronamic <[email protected]>
 * @copyright 2005-2020 Pronamic
 * @license   GPL-3.0-or-later
 * @package   Pronamic\WordPress\Pay\Gateways\Adyen
 */

namespace Pronamic\WordPress\Pay\Gateways\Adyen;

use JsonSchema\Exception\ValidationException;
use Pronamic\WordPress\Pay\Payments\PaymentStatus as PaymentStatus;
use WP_Error;
use WP_REST_Request;

/**
 * Notification controller
 *
 * @link https://docs.adyen.com/developers/api-reference/notifications-api#notificationrequest
 *
 * @author  Remco Tolsma
 * @version 1.0.5
 * @since   1.0.0
 */
class NotificationsController {
	/**
	 * Setup.
	 *
	 * @return void
	 */
	public function setup() {
		add_action( 'rest_api_init', array( $this, 'rest_api_init' ) );
	}

	/**
	 * REST API init.
	 *
	 * @link https://developer.wordpress.org/rest-api/extending-the-rest-api/adding-custom-endpoints/
	 * @link https://developer.wordpress.org/reference/hooks/rest_api_init/
	 *
	 * @return void
	 */
	public function rest_api_init() {
		register_rest_route(
			Integration::REST_ROUTE_NAMESPACE,
			'/notifications',
			array(
				'methods'             => 'POST',
				'callback'            => array( $this, 'rest_api_adyen_notifications' ),
				'permission_callback' => array( $this, 'rest_api_adyen_permissions_check' ),
			)
		);
	}

	/**
	 * REST API Adyen permissions check.
	 *
	 * @link https://developer.wordpress.org/rest-api/extending-the-rest-api/adding-custom-endpoints/#permissions-callback
	 *
	 * @param WP_REST_Request $request Request.
	 * @return true|WP_Error
	 */
	public function rest_api_adyen_permissions_check( WP_REST_Request $request ) {
		$username = get_option( 'pronamic_pay_adyen_notification_authentication_username' );
		$password = get_option( 'pronamic_pay_adyen_notification_authentication_password' );

		if ( empty( $username ) && empty( $password ) ) {
			return true;
		}

		$authorization = $request->get_header( 'Authorization' );

		/**
		 * Authorization header missing.
		 *
		 * @link https://basecamp.com/1810084/projects/10966871/todos/403544593
		 * @link https://github.com/WordPress/WordPress/blob/5.2/wp-includes/rest-api/class-wp-rest-request.php#L188-L208
		 * @link https://www.wp-pay.org/http-authorization-header-missing/
		 */
		if ( null === $authorization ) {
			return new WP_Error(
				'rest_forbidden_context',
				sprintf(
					/* translators: %s: Help URL. */
					__( 'HTTP Authorization header is missing, read %s for more information.', 'pronamic_ideal' ),
					'https://www.wp-pay.org/http-authorization-header-missing/'
				),
				array( 'status' => rest_authorization_required_code() )
			);
		}

		// phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_encode -- Benign reason.
		if ( 'Basic ' . base64_encode( $username . ':' . $password ) === $authorization ) {
			return true;
		}

		return new WP_Error(
			'rest_forbidden_context',
			/* translators: Translate 'notification' the same as in the Adyen dashboard. */
			_x( 'Sorry, you are not allowed to post Adyen notifications.', 'Adyen', 'pronamic_ideal' ),
			array( 'status' => rest_authorization_required_code() )
		);
	}

	/**
	 * REST API Adyen notifications handler.
	 *
	 * @param WP_REST_Request $request Request.
	 * @return object
	 */
	public function rest_api_adyen_notifications( WP_REST_Request $request ) {
		$json = $request->get_body();

		$data = json_decode( $json );

		try {
			$notification_request = NotificationRequest::from_object( $data );
		} catch ( ValidationException $e ) {
			return new WP_Error(
				'adyen_invalid_notification',
				/* translators: Translate 'notification' the same as in the Adyen dashboard. */
				_x( 'Cannot parse JSON notification.', 'Adyen', 'pronamic_ideal' ),
				array( 'status' => 500 )
			);
		}

		foreach ( $notification_request->get_items() as $item ) {
			$payment = get_pronamic_payment( $item->get_merchant_reference() );

			if ( null === $payment ) {
				continue;
			}

			// Add note.
			$note = sprintf(
				'<p>%s</p>',
				sprintf(
					/* translators: %s: payment provider name */
					__( 'Webhook requested by %s.', 'pronamic_ideal' ),
					__( 'Adyen', 'pronamic_ideal' )
				)
			);

			$json = wp_json_encode( $item->get_json(), JSON_PRETTY_PRINT );

			if ( false !== $json ) {
				$note .= sprintf(
					'<pre>%s</pre>',
					$json
				);
			}

			$payment->add_note( $note );

			do_action( 'pronamic_pay_webhook_log_payment', $payment );

			// Authorization.
			if ( EventCode::AUTHORIZATION === $item->get_event_code() ) {
				$payment->set_status( $item->is_success() ? PaymentStatus::SUCCESS : PaymentStatus::FAILURE );

				$payment->save();
			}
		}

		$response = (object) array(
			'notificationResponse' => '[accepted]',
		);

		return $response;
	}
}


1		<?php
2		/**
3		* Notifications controller
4		*
5		* @author Pronamic <[email protected]>
6		* @copyright 2005-2020 Pronamic
7		* @license GPL-3.0-or-later
8		* @package Pronamic\WordPress\Pay\Gateways\Adyen
9		*/
10
11		namespace Pronamic\WordPress\Pay\Gateways\Adyen;
12
13		use JsonSchema\Exception\ValidationException;
14		use Pronamic\WordPress\Pay\Payments\PaymentStatus as PaymentStatus;
15		use WP_Error;
16		use WP_REST_Request;
17
18		/**
19		* Notification controller
20		*
21		* @link https://docs.adyen.com/developers/api-reference/notifications-api#notificationrequest
22		*
23		* @author Remco Tolsma
24		* @version 1.0.5
25		* @since 1.0.0
26		*/
27		class NotificationsController {
28		/**
29		* Setup.
30		*
31		* @return void
32		*/
33	7	public function setup() {
34	7	add_action( 'rest_api_init', array( $this, 'rest_api_init' ) );
35	7	}
36
37		/**
38		* REST API init.
39		*
40		* @link https://developer.wordpress.org/rest-api/extending-the-rest-api/adding-custom-endpoints/
41		* @link https://developer.wordpress.org/reference/hooks/rest_api_init/
42		*
43		* @return void
44		*/
45	10	public function rest_api_init() {
46	10	register_rest_route(
47	10	Integration::REST_ROUTE_NAMESPACE,
48	10	'/notifications',
49		array(
50	10	'methods' => 'POST',
51	10	'callback' => array( $this, 'rest_api_adyen_notifications' ),
52	10	'permission_callback' => array( $this, 'rest_api_adyen_permissions_check' ),
53		)
54		);
55	10	}
56
57		/**
58		* REST API Adyen permissions check.
59		*
60		* @link https://developer.wordpress.org/rest-api/extending-the-rest-api/adding-custom-endpoints/#permissions-callback
61		*
62		* @param WP_REST_Request $request Request.
63		* @return true\|WP_Error
64		*/
65	6	public function rest_api_adyen_permissions_check( WP_REST_Request $request ) {
66	6	$username = get_option( 'pronamic_pay_adyen_notification_authentication_username' );
67	6	$password = get_option( 'pronamic_pay_adyen_notification_authentication_password' );
68
69	6	if ( empty( $username ) && empty( $password ) ) {
70	4	return true;
71		}
72
73	2	$authorization = $request->get_header( 'Authorization' );
74
75		/**
76		* Authorization header missing.
77		*
78		* @link https://basecamp.com/1810084/projects/10966871/todos/403544593
79		* @link https://github.com/WordPress/WordPress/blob/5.2/wp-includes/rest-api/class-wp-rest-request.php#L188-L208
80		* @link https://www.wp-pay.org/http-authorization-header-missing/
81		*/
82	2	if ( null === $authorization ) {
83		return new WP_Error(
84		'rest_forbidden_context',
85		sprintf(
86		/* translators: %s: Help URL. */
87		__( 'HTTP Authorization header is missing, read %s for more information.', 'pronamic_ideal' ),
88		'https://www.wp-pay.org/http-authorization-header-missing/'
89		),
90		array( 'status' => rest_authorization_required_code() )
91		);
92		}
93
94		// phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_encode -- Benign reason.
95	2	if ( 'Basic ' . base64_encode( $username . ':' . $password ) === $authorization ) {
96	1	return true;
97		}
98
99	1	return new WP_Error(
100	1	'rest_forbidden_context',
101		/* translators: Translate 'notification' the same as in the Adyen dashboard. */
102	1	_x( 'Sorry, you are not allowed to post Adyen notifications.', 'Adyen', 'pronamic_ideal' ),
103	1	array( 'status' => rest_authorization_required_code() )
104		);
105		}
106
107		/**
108		* REST API Adyen notifications handler.
109		*
110		* @param WP_REST_Request $request Request.
111		* @return object
112		*/
113	5	public function rest_api_adyen_notifications( WP_REST_Request $request ) {
114	5	$json = $request->get_body();
115
116	5	$data = json_decode( $json );
117
118		try {
119	5	$notification_request = NotificationRequest::from_object( $data );
120	2	} catch ( ValidationException $e ) {
121	2	return new WP_Error(
122	2	'adyen_invalid_notification',
123		/* translators: Translate 'notification' the same as in the Adyen dashboard. */
124	2	_x( 'Cannot parse JSON notification.', 'Adyen', 'pronamic_ideal' ),
125	2	array( 'status' => 500 )
126		);
127		}
128
129	3	foreach ( $notification_request->get_items() as $item ) {
130	3	$payment = get_pronamic_payment( $item->get_merchant_reference() );
131
132	3	if ( null === $payment ) {
133	2	continue;
134		}
135
136		// Add note.
137	1	$note = sprintf(
138	1	'<p>%s</p>',
139	1	sprintf(
140		/* translators: %s: payment provider name */
141	1	__( 'Webhook requested by %s.', 'pronamic_ideal' ),
142	1	__( 'Adyen', 'pronamic_ideal' )
143		)
144		);
145
146	1	$json = wp_json_encode( $item->get_json(), JSON_PRETTY_PRINT );
147
148	1	if ( false !== $json ) {
149	1	$note .= sprintf(
150	1	'<pre>%s</pre>',
151		$json
152		);
153		}
154
155	1	$payment->add_note( $note );
156
157	1	do_action( 'pronamic_pay_webhook_log_payment', $payment );
158
159		// Authorization.
160	1	if ( EventCode::AUTHORIZATION === $item->get_event_code() ) {
161	1	$payment->set_status( $item->is_success() ? PaymentStatus::SUCCESS : PaymentStatus::FAILURE );
162
163	1	$payment->save();
164		}
165		}
166
167		$response = (object) array(
168	3	'notificationResponse' => '[accepted]',
169		);
170
171	3	return $response;
172		}
173		}
174

wp-pay-gateways / adyen

rest_api_adyen_permissions_check() A last analyzed 2021-01-14 09:13 UTC

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like

rest_api_adyen_permissions_check() A
last analyzed 2021-01-14 09:13 UTC