1 | <?php |
||
2 | /** |
||
3 | * Webhook controller |
||
4 | * |
||
5 | * @author Pronamic <[email protected]> |
||
6 | * @copyright 2005-2020 Pronamic |
||
7 | * @license GPL-3.0-or-later |
||
8 | * @package Pronamic\WordPress\Pay\Gateways\Mollie |
||
9 | */ |
||
10 | |||
11 | namespace Pronamic\WordPress\Pay\Gateways\Mollie; |
||
12 | |||
13 | use Pronamic\WordPress\Pay\Plugin; |
||
14 | |||
15 | /** |
||
16 | * Webhook controller |
||
17 | * |
||
18 | * @link https://docs.mollie.com/guides/webhooks |
||
19 | * |
||
20 | * @author Remco Tolsma |
||
21 | * @version 2.1.0 |
||
22 | * @since 2.1.0 |
||
23 | */ |
||
24 | class WebhookController { |
||
25 | /** |
||
26 | * Setup. |
||
27 | * |
||
28 | * @return void |
||
29 | */ |
||
30 | public function setup() { |
||
31 | add_action( 'rest_api_init', array( $this, 'rest_api_init' ) ); |
||
32 | |||
33 | add_action( 'wp_loaded', array( $this, 'wp_loaded' ) ); |
||
34 | } |
||
35 | |||
36 | /** |
||
37 | * REST API init. |
||
38 | * |
||
39 | * @link https://developer.wordpress.org/rest-api/extending-the-rest-api/adding-custom-endpoints/ |
||
40 | * @link https://developer.wordpress.org/reference/hooks/rest_api_init/ |
||
41 | * |
||
42 | * @return void |
||
43 | */ |
||
44 | public function rest_api_init() { |
||
45 | register_rest_route( |
||
46 | Integration::REST_ROUTE_NAMESPACE, |
||
47 | '/webhook', |
||
48 | array( |
||
49 | 'methods' => 'POST', |
||
50 | 'callback' => array( $this, 'rest_api_mollie_webhook' ), |
||
51 | 'args' => array( |
||
52 | 'id' => array( |
||
53 | 'required' => true, |
||
54 | ), |
||
55 | ), |
||
56 | ) |
||
57 | ); |
||
58 | } |
||
59 | |||
60 | /** |
||
61 | * REST API Mollie webhook handler. |
||
62 | * |
||
63 | * @param \WP_REST_Request $request Request. |
||
64 | * @return object |
||
65 | */ |
||
66 | public function rest_api_mollie_webhook( \WP_REST_Request $request ) { |
||
67 | $id = $request->get_param( 'id' ); |
||
68 | |||
69 | /** |
||
70 | * Result. |
||
71 | * |
||
72 | * @link https://developer.wordpress.org/reference/functions/wp_send_json_success/ |
||
73 | */ |
||
74 | $response = \rest_ensure_response( |
||
75 | array( |
||
76 | 'success' => true, |
||
77 | 'id' => $id, |
||
78 | ) |
||
79 | ); |
||
80 | |||
81 | $response->add_link( 'self', rest_url( $request->get_route() ) ); |
||
82 | |||
83 | $payment = \get_pronamic_payment_by_transaction_id( $id ); |
||
84 | |||
85 | if ( null === $payment ) { |
||
86 | /** |
||
87 | * How to handle unknown IDs? |
||
88 | * |
||
89 | * To not leak any information to malicious third parties, it is recommended |
||
90 | * to return a 200 OK response even if the ID is not known to your system. |
||
91 | * |
||
92 | * @link https://docs.mollie.com/guides/webhooks#how-to-handle-unknown-ids |
||
93 | */ |
||
94 | return $response; |
||
0 ignored issues
–
show
Bug
Best Practice
introduced
by
Loading history...
|
|||
95 | } |
||
96 | |||
97 | // Add note. |
||
98 | $note = \sprintf( |
||
99 | /* translators: %s: Mollie */ |
||
100 | \__( 'Webhook requested by %s.', 'pronamic_ideal' ), |
||
101 | \__( 'Mollie', 'pronamic_ideal' ) |
||
102 | ); |
||
103 | |||
104 | $payment->add_note( $note ); |
||
105 | |||
106 | // Log webhook request. |
||
107 | \do_action( 'pronamic_pay_webhook_log_payment', $payment ); |
||
108 | |||
109 | // Update payment. |
||
110 | Plugin::update_payment( $payment, false ); |
||
111 | |||
112 | return $response; |
||
113 | } |
||
114 | |||
115 | /** |
||
116 | * WordPress loaded, check for deprecated webhook call. |
||
117 | * |
||
118 | * @link https://github.com/WordPress/WordPress/blob/5.3/wp-includes/rest-api.php#L277-L309 |
||
119 | * @return void |
||
120 | */ |
||
121 | public function wp_loaded() { |
||
122 | if ( ! filter_has_var( INPUT_GET, 'mollie_webhook' ) ) { |
||
123 | return; |
||
124 | } |
||
125 | |||
126 | if ( ! filter_has_var( INPUT_POST, 'id' ) ) { |
||
127 | return; |
||
128 | } |
||
129 | |||
130 | \rest_get_server()->serve_request( '/pronamic-pay/mollie/v1/webhook' ); |
||
131 | |||
132 | exit; |
||
133 | } |
||
134 | } |
||
135 |