Issues in WebhookController.php - Failed Issues - Inspection of "Merge tag '2.1.1' into develop" - wp-pay-gateways/mollie - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Push — develop ( 65ab55...ce3cc3 )

by Remco

created 2020-03-19 14:19 UTC

src/WebhookController.php (1 issue)

Labels

Severity

Major 1

<?php
/**
 * Webhook controller
 *
 * @author    Pronamic <[email protected]>
 * @copyright 2005-2020 Pronamic
 * @license   GPL-3.0-or-later
 * @package   Pronamic\WordPress\Pay\Gateways\Mollie
 */

namespace Pronamic\WordPress\Pay\Gateways\Mollie;

use Pronamic\WordPress\Pay\Plugin;

/**
 * Webhook controller
 *
 * @link https://docs.mollie.com/guides/webhooks
 *
 * @author  Remco Tolsma
 * @version 2.1.0
 * @since   2.1.0
 */
class WebhookController {
	/**
	 * Setup.
	 *
	 * @return void
	 */
	public function setup() {
		add_action( 'rest_api_init', array( $this, 'rest_api_init' ) );

		add_action( 'wp_loaded', array( $this, 'wp_loaded' ) );
	}

	/**
	 * REST API init.
	 *
	 * @link https://developer.wordpress.org/rest-api/extending-the-rest-api/adding-custom-endpoints/
	 * @link https://developer.wordpress.org/reference/hooks/rest_api_init/
	 *
	 * @return void
	 */
	public function rest_api_init() {
		register_rest_route(
			Integration::REST_ROUTE_NAMESPACE,
			'/webhook',
			array(
				'methods'  => 'POST',
				'callback' => array( $this, 'rest_api_mollie_webhook' ),
				'args'     => array(
					'id' => array(
						'required' => true,
					),
				),
			)
		);
	}

	/**
	 * REST API Mollie webhook handler.
	 *
	 * @param \WP_REST_Request $request Request.
	 * @return object
	 */
	public function rest_api_mollie_webhook( \WP_REST_Request $request ) {
		$id = $request->get_param( 'id' );

		/**
		 * Result.
		 *
		 * @link https://developer.wordpress.org/reference/functions/wp_send_json_success/
		 */
		$response = \rest_ensure_response(
			array(
				'success' => true,
				'id'      => $id,
			)
		);

		$response->add_link( 'self', rest_url( $request->get_route() ) );

		$payment = \get_pronamic_payment_by_transaction_id( $id );

		if ( null === $payment ) {
			/**
			 * How to handle unknown IDs?
			 *
			 * To not leak any information to malicious third parties, it is recommended
			 * to return a 200 OK response even if the ID is not known to your system.
			 *
			 * @link https://docs.mollie.com/guides/webhooks#how-to-handle-unknown-ids
			 */
			return $response;

		}

		// Add note.
		$note = \sprintf(
			/* translators: %s: Mollie */
			\__( 'Webhook requested by %s.', 'pronamic_ideal' ),
			\__( 'Mollie', 'pronamic_ideal' )
		);

		$payment->add_note( $note );

		// Log webhook request.
		\do_action( 'pronamic_pay_webhook_log_payment', $payment );

		// Update payment.
		Plugin::update_payment( $payment, false );

		return $response;
	}

	/**
	 * WordPress loaded, check for deprecated webhook call.
	 *
	 * @link https://github.com/WordPress/WordPress/blob/5.3/wp-includes/rest-api.php#L277-L309
	 * @return void
	 */
	public function wp_loaded() {
		if ( ! filter_has_var( INPUT_GET, 'mollie_webhook' ) ) {
			return;
		}

		if ( ! filter_has_var( INPUT_POST, 'id' ) ) {
			return;
		}

		\rest_get_server()->serve_request( '/pronamic-pay/mollie/v1/webhook' );

		exit;
	}
}


1			<?php
2			/**
3			* Webhook controller
4			*
5			* @author Pronamic <[email protected]>
6			* @copyright 2005-2020 Pronamic
7			* @license GPL-3.0-or-later
8			* @package Pronamic\WordPress\Pay\Gateways\Mollie
9			*/
10
11			namespace Pronamic\WordPress\Pay\Gateways\Mollie;
12
13			use Pronamic\WordPress\Pay\Plugin;
14
15			/**
16			* Webhook controller
17			*
18			* @link https://docs.mollie.com/guides/webhooks
19			*
20			* @author Remco Tolsma
21			* @version 2.1.0
22			* @since 2.1.0
23			*/
24			class WebhookController {
25			/**
26			* Setup.
27			*
28			* @return void
29			*/
30			public function setup() {
31			add_action( 'rest_api_init', array( $this, 'rest_api_init' ) );
32
33			add_action( 'wp_loaded', array( $this, 'wp_loaded' ) );
34			}
35
36			/**
37			* REST API init.
38			*
39			* @link https://developer.wordpress.org/rest-api/extending-the-rest-api/adding-custom-endpoints/
40			* @link https://developer.wordpress.org/reference/hooks/rest_api_init/
41			*
42			* @return void
43			*/
44			public function rest_api_init() {
45			register_rest_route(
46			Integration::REST_ROUTE_NAMESPACE,
47			'/webhook',
48			array(
49			'methods' => 'POST',
50			'callback' => array( $this, 'rest_api_mollie_webhook' ),
51			'args' => array(
52			'id' => array(
53			'required' => true,
54			),
55			),
56			)
57			);
58			}
59
60			/**
61			* REST API Mollie webhook handler.
62			*
63			* @param \WP_REST_Request $request Request.
64			* @return object
65			*/
66			public function rest_api_mollie_webhook( \WP_REST_Request $request ) {
67			$id = $request->get_param( 'id' );
68
69			/**
70			* Result.
71			*
72			* @link https://developer.wordpress.org/reference/functions/wp_send_json_success/
73			*/
74			$response = \rest_ensure_response(
75			array(
76			'success' => true,
77			'id' => $id,
78			)
79			);
80
81			$response->add_link( 'self', rest_url( $request->get_route() ) );
82
83			$payment = \get_pronamic_payment_by_transaction_id( $id );
84
85			if ( null === $payment ) {
86			/**
87			* How to handle unknown IDs?
88			*
89			* To not leak any information to malicious third parties, it is recommended
90			* to return a 200 OK response even if the ID is not known to your system.
91			*
92			* @link https://docs.mollie.com/guides/webhooks#how-to-handle-unknown-ids
93			*/
94			return $response;
			0 ignored issues – show Bug Best Practice introduced 2020-02-14 13:27 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `return $response` also could return the type `array<string,mixed\|null\|true>` which is incompatible with the documented return type `object`. Loading history...
95			}
96
97			// Add note.
98			$note = \sprintf(
99			/* translators: %s: Mollie */
100			\__( 'Webhook requested by %s.', 'pronamic_ideal' ),
101			\__( 'Mollie', 'pronamic_ideal' )
102			);
103
104			$payment->add_note( $note );
105
106			// Log webhook request.
107			\do_action( 'pronamic_pay_webhook_log_payment', $payment );
108
109			// Update payment.
110			Plugin::update_payment( $payment, false );
111
112			return $response;
113			}
114
115			/**
116			* WordPress loaded, check for deprecated webhook call.
117			*
118			* @link https://github.com/WordPress/WordPress/blob/5.3/wp-includes/rest-api.php#L277-L309
119			* @return void
120			*/
121			public function wp_loaded() {
122			if ( ! filter_has_var( INPUT_GET, 'mollie_webhook' ) ) {
123			return;
124			}
125
126			if ( ! filter_has_var( INPUT_POST, 'id' ) ) {
127			return;
128			}
129
130			\rest_get_server()->serve_request( '/pronamic-pay/mollie/v1/webhook' );
131
132			exit;
133			}
134			}
135

wp-pay-gateways / mollie

Push — develop ( 65ab55...ce3cc3 )

src/WebhookController.php (1 issue)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like