/**
 * Registers this site with the remote 'register' endpoint and stores the
 * site ID, blog token and public flag taken from the response.
 *
 * Two secrets and an expiry value are written to the 'register' option,
 * read back, and the two secrets are sent in the POST body.
 *
 * @return bool|WP_Error True on success. On failure either a Jetpack_Error
 *                       or whatever validate_remote_register_response()
 *                       returned (an error object or a falsy value).
 */
public static function register() {
    // Attach Jetpack_Options::delete_option to the pre-update hook of the
    // 'register' option before the new value is written.
    add_action('pre_update_jetpack_option_register', array('Jetpack_Options', 'delete_option'));

    $generated = Jetpack::init()->generate_secrets();
    Jetpack_Options::update_option('register', $generated[0] . ':' . $generated[1] . ':' . $generated[2]);

    // The value is read back from storage rather than reused from $generated.
    // @ silences the diagnostics list() raises when fewer than three parts exist.
    @(list($first_secret, $second_secret, $expires_at) = explode(':', Jetpack_Options::get_option('register')));
    $all_present = !empty($first_secret) && !empty($second_secret) && !empty($expires_at);
    if (!$all_present || $expires_at < time()) {
        return new Jetpack_Error('missing_secrets');
    }

    $request_timeout = Jetpack::init()->get_remote_query_timeout_limit();

    $stored_offset = get_option('gmt_offset');
    $utc_offset = $stored_offset ? $stored_offset : 0;

    $stats_settings = get_option('stats_options');
    if (isset($stats_settings['blog_id'])) {
        $stats_blog_id = $stats_settings['blog_id'];
    } else {
        $stats_blog_id = null;
    }

    // Both secrets leave the site in this request body.
    $payload = array(
        'siteurl' => site_url(),
        'home' => home_url(),
        'gmt_offset' => $utc_offset,
        'timezone_string' => (string) get_option('timezone_string'),
        'site_name' => (string) get_option('blogname'),
        'secret_1' => $first_secret,
        'secret_2' => $second_secret,
        'site_lang' => get_locale(),
        'timeout' => $request_timeout,
        'stats_id' => $stats_blog_id,
    );
    $request = array(
        'method' => 'POST',
        'body' => $payload,
        'headers' => array('Accept' => 'application/json'),
        'timeout' => $request_timeout,
    );

    $endpoint = Jetpack::fix_url_for_bad_hosts(Jetpack::api_url('register'));
    // NOTE(review): the meaning of the third argument (true) is not visible here.
    $response = Jetpack_Client::_wp_remote_request($endpoint, $request, true);

    // Stop on any error object or falsy validation result.
    $validation = Jetpack::init()->validate_remote_register_response($response);
    if (is_wp_error($validation) || !$validation) {
        return $validation;
    }

    $status = wp_remote_retrieve_response_code($response);
    $raw_body = wp_remote_retrieve_body($response);
    $decoded = $raw_body ? json_decode($raw_body) : false;

    // The blog token must be a non-empty string before anything is persisted.
    if (empty($decoded->jetpack_secret) || !is_string($decoded->jetpack_secret)) {
        return new Jetpack_Error('jetpack_secret', '', $status);
    }

    $is_public = isset($decoded->jetpack_public) ? (int) $decoded->jetpack_public : false;

    // NOTE(review): jetpack_id is cast and stored without a check in this method;
    // presumably validate_remote_register_response() covers it — confirm.
    Jetpack_Options::update_options(array(
        'id' => (int) $decoded->jetpack_id,
        'blog_token' => (string) $decoded->jetpack_secret,
        'public' => $is_public,
    ));

    return true;
}
/**
 * Registers this site with the remote 'register' endpoint and stores the
 * site ID, blog token and public flag taken from the response.
 *
 * Two 32-character generated secrets and an expiry 600 seconds ahead are
 * written to the 'register' option, read back, and the secrets are sent in
 * the POST body. The response status, error fields and jetpack_id are
 * checked in this method before anything is persisted.
 *
 * @return bool|WP_Error True on success, a Jetpack_Error on any failure.
 */
public static function register() {
    // Second argument false: wp_generate_password() is asked for no special characters.
    $first_generated = wp_generate_password(32, false);
    $second_generated = wp_generate_password(32, false);
    $expiry = time() + 600;
    Jetpack_Options::update_option('register', $first_generated . ':' . $second_generated . ':' . $expiry);

    // The value is read back from storage rather than reused from the locals above.
    // @ silences the diagnostics list() raises when fewer than three parts exist.
    @(list($first_secret, $second_secret, $expires_at) = explode(':', Jetpack_Options::get_option('register')));
    $all_present = !empty($first_secret) && !empty($second_secret) && !empty($expires_at);
    if (!$all_present || $expires_at < time()) {
        return new Jetpack_Error('missing_secrets');
    }

    // Half of max_execution_time, with 30 seconds assumed when the setting is 0 or unset.
    $execution_limit = (int) ini_get('max_execution_time');
    $request_timeout = intval(($execution_limit ? $execution_limit : 30) / 2);

    $stored_offset = get_option('gmt_offset');
    $utc_offset = $stored_offset ? $stored_offset : 0;

    $stats_settings = get_option('stats_options');
    if (isset($stats_settings['blog_id'])) {
        $stats_blog_id = $stats_settings['blog_id'];
    } else {
        $stats_blog_id = null;
    }

    // Both secrets leave the site in this request body.
    $payload = array(
        'siteurl' => site_url(),
        'home' => home_url(),
        'gmt_offset' => $utc_offset,
        'timezone_string' => (string) get_option('timezone_string'),
        'site_name' => (string) get_option('blogname'),
        'secret_1' => $first_secret,
        'secret_2' => $second_secret,
        'site_lang' => get_locale(),
        'timeout' => $request_timeout,
        'stats_id' => $stats_blog_id,
    );
    $request = array(
        'method' => 'POST',
        'body' => $payload,
        'headers' => array('Accept' => 'application/json'),
        'timeout' => $request_timeout,
    );

    $endpoint = Jetpack::fix_url_for_bad_hosts(Jetpack::api_url('register'));
    // NOTE(review): the meaning of the third argument (true) is not visible here.
    $response = Jetpack_Client::_wp_remote_request($endpoint, $request, true);
    if (is_wp_error($response)) {
        return new Jetpack_Error('register_http_request_failed', $response->get_error_message());
    }

    $status = wp_remote_retrieve_response_code($response);
    $raw_body = wp_remote_retrieve_body($response);
    $decoded = $raw_body ? json_decode($raw_body) : false;

    // Status handling, first match wins: any 5xx, then 408, then an error
    // reported in the JSON body, then anything that is not 200.
    $status_class = intval($status / 100);
    if ($status_class == 5) {
        return new Jetpack_Error('wpcom_5??', sprintf(__('Error Details: %s', 'jetpack'), $status), $status);
    }
    if ($status == 408) {
        return new Jetpack_Error('wpcom_408', sprintf(__('Error Details: %s', 'jetpack'), $status), $status);
    }
    if (!empty($decoded->error)) {
        if (isset($decoded->error_description)) {
            $detail = sprintf(__('Error Details: %s', 'jetpack'), (string) $decoded->error_description);
        } else {
            $detail = '';
        }
        return new Jetpack_Error((string) $decoded->error, $detail, $status);
    }
    if ($status != 200) {
        return new Jetpack_Error('wpcom_bad_response', sprintf(__('Error Details: %s', 'jetpack'), $status), $status);
    }

    // Jetpack ID checks. Each failure puts the raw response body into both the
    // error message and the third constructor argument.
    // NOTE(review): that body may carry sensitive fields (the message itself
    // warns against posting it); confirm where these errors are displayed or logged.
    if (empty($decoded->jetpack_id)) {
        return new Jetpack_Error('jetpack_id', sprintf(__('Error Details: Jetpack ID is empty. Do not publicly post this error message! %s', 'jetpack'), $raw_body), $raw_body);
    }
    if (!is_scalar($decoded->jetpack_id)) {
        return new Jetpack_Error('jetpack_id', sprintf(__('Error Details: Jetpack ID is not a scalar. Do not publicly post this error message! %s', 'jetpack'), $raw_body), $raw_body);
    }
    // The pattern rejects any ID containing a non-digit character; the message
    // wording ("begins with a numeral") does not describe that condition.
    if (preg_match('/[^0-9]/', $decoded->jetpack_id)) {
        return new Jetpack_Error('jetpack_id', sprintf(__('Error Details: Jetpack ID begins with a numeral. Do not publicly post this error message! %s', 'jetpack'), $raw_body), $raw_body);
    }

    // The blog token must be a non-empty string before anything is persisted.
    if (empty($decoded->jetpack_secret) || !is_string($decoded->jetpack_secret)) {
        return new Jetpack_Error('jetpack_secret', '', $status);
    }

    $is_public = isset($decoded->jetpack_public) ? (int) $decoded->jetpack_public : false;

    Jetpack_Options::update_options(array(
        'id' => (int) $decoded->jetpack_id,
        'blog_token' => (string) $decoded->jetpack_secret,
        'public' => $is_public,
    ));

    return true;
}
/**
 * Exchanges an authorization code for an access token at the remote 'token'
 * endpoint and checks that the returned scope matches a role the current
 * user is allowed to hold.
 *
 * @param array $data Must contain 'code', the authorization code to exchange.
 *
 * @return string|Jetpack_Error The access token cast to string on success
 *                              (the previous annotation said object|WP_Error,
 *                              but the code returns a string), otherwise a
 *                              Jetpack_Error.
 */
function get_token($data) {
    $jetpack = Jetpack::init();

    $local_role = $jetpack->translate_current_user_to_role();
    if (!$local_role) {
        return new Jetpack_Error('role', __('An administrator for this blog must set up the Jetpack connection.', 'jetpack'));
    }

    $client_secret = Jetpack_Data::get_access_token(0);
    if (!$client_secret) {
        return new Jetpack_Error('client_secret', __('You need to register your Jetpack before connecting it.', 'jetpack'));
    }

    // The stored secret and the caller-supplied code both go out in the request body.
    $body = array(
        'client_id' => Jetpack::get_option('id'),
        'client_secret' => $client_secret->secret,
        'grant_type' => 'authorization_code',
        'code' => $data['code'],
    );
    // The redirect URI carries a nonce whose action name includes the local role.
    $body['redirect_uri'] = add_query_arg(
        array(
            'action' => 'authorize',
            '_wpnonce' => wp_create_nonce("jetpack-authorize_{$local_role}"),
        ),
        menu_page_url('jetpack', false)
    );

    $request = array(
        'method' => 'POST',
        'body' => $body,
        'headers' => array('Accept' => 'application/json'),
    );

    // $request is handed to fix_url_for_bad_hosts() as well as to the HTTP call.
    $response = Jetpack_Client::_wp_remote_request(Jetpack::fix_url_for_bad_hosts(Jetpack::api_url('token'), $request), $request);
    if (is_wp_error($response)) {
        return new Jetpack_Error('token_http_request_failed', $response->get_error_message());
    }

    $status = wp_remote_retrieve_response_code($response);
    $raw_body = wp_remote_retrieve_body($response);
    $decoded = $raw_body ? json_decode($raw_body) : false;

    $reported_error = !empty($decoded->error);
    if ($status != 200 || $reported_error) {
        if (!$reported_error) {
            return new Jetpack_Error('unknown', '', $status);
        }
        if (isset($decoded->error_description)) {
            $detail = sprintf(__('Error Details: %s', 'jetpack'), (string) $decoded->error_description);
        } else {
            $detail = '';
        }
        return new Jetpack_Error((string) $decoded->error, $detail, $status);
    }

    if (empty($decoded->access_token) || !is_scalar($decoded->access_token)) {
        return new Jetpack_Error('access_token', '', $status);
    }

    if (empty($decoded->token_type) || strtoupper($decoded->token_type) != 'X_JETPACK') {
        return new Jetpack_Error('token_type', '', $status);
    }

    if (empty($decoded->scope)) {
        return new Jetpack_Error('scope', 'No Scope', $status);
    }

    // The scope is split on ':' into a role and a second part.
    // @ silences the diagnostic list() raises when there is no second part.
    @(list($scoped_role, $scope_hmac) = explode(':', $decoded->scope));
    if (empty($scoped_role) || empty($scope_hmac)) {
        return new Jetpack_Error('scope', 'Malformed Scope', $status);
    }

    // Re-sign the role locally and require an exact match with the whole scope string.
    // NOTE(review): !== is not a constant-time comparison; hash_equals() is the
    // timing-safe form if the supported PHP/WordPress versions provide it.
    if ($jetpack->sign_role($scoped_role) !== $decoded->scope) {
        return new Jetpack_Error('scope', 'Invalid Scope', $status);
    }

    $capability = $jetpack->translate_role_to_cap($scoped_role);
    if (!$capability) {
        return new Jetpack_Error('scope', 'No Cap', $status);
    }

    // The token is only released when the current user holds the capability
    // mapped from the role named in the scope.
    if (!current_user_can($capability)) {
        return new Jetpack_Error('scope', 'current_user_cannot', $status);
    }

    return (string) $decoded->access_token;
}
/**
 * Registers this site with the remote 'register' endpoint, stores the site
 * ID, blog token and public flag from the response, fires the
 * 'jetpack_site_registered' action and initializes Jump Start once.
 *
 * The secrets come from generate_secrets('register') as one ':'-separated
 * string of two secrets and an expiry value.
 *
 * @return bool|WP_Error True on success. On failure either a Jetpack_Error
 *                       or whatever validate_remote_register_response()
 *                       returned (an error object or a falsy value).
 */
public static function register() {
    // Attach Jetpack_Options::delete_option to the pre-update hook of the 'register' option.
    add_action('pre_update_jetpack_option_register', array('Jetpack_Options', 'delete_option'));

    $secret_string = Jetpack::init()->generate_secrets('register');

    // @ silences the diagnostics list() raises when fewer than three parts exist.
    @(list($first_secret, $second_secret, $expires_at) = explode(':', $secret_string));
    $all_present = !empty($first_secret) && !empty($second_secret) && !empty($expires_at);
    if (!$all_present || $expires_at < time()) {
        return new Jetpack_Error('missing_secrets');
    }

    $request_timeout = Jetpack::init()->get_remote_query_timeout_limit();

    $stored_offset = get_option('gmt_offset');
    $utc_offset = $stored_offset ? $stored_offset : 0;

    $stats_settings = get_option('stats_options');
    if (isset($stats_settings['blog_id'])) {
        $stats_blog_id = $stats_settings['blog_id'];
    } else {
        $stats_blog_id = null;
    }

    // Both secrets leave the site in this request body; 'state' is the current user's ID.
    $payload = array(
        'siteurl' => site_url(),
        'home' => home_url(),
        'gmt_offset' => $utc_offset,
        'timezone_string' => (string) get_option('timezone_string'),
        'site_name' => (string) get_option('blogname'),
        'secret_1' => $first_secret,
        'secret_2' => $second_secret,
        'site_lang' => get_locale(),
        'timeout' => $request_timeout,
        'stats_id' => $stats_blog_id,
        'state' => get_current_user_id(),
    );
    $request = array(
        'method' => 'POST',
        'body' => $payload,
        'headers' => array('Accept' => 'application/json'),
        'timeout' => $request_timeout,
    );

    $endpoint = Jetpack::fix_url_for_bad_hosts(Jetpack::api_url('register'));
    // NOTE(review): the meaning of the third argument (true) is not visible here.
    $response = Jetpack_Client::_wp_remote_request($endpoint, $request, true);

    // Stop on any error object or falsy validation result.
    $validation = Jetpack::init()->validate_remote_register_response($response);
    if (is_wp_error($validation) || !$validation) {
        return $validation;
    }

    $status = wp_remote_retrieve_response_code($response);
    $raw_body = wp_remote_retrieve_body($response);
    $json = $raw_body ? json_decode($raw_body) : false;

    // The blog token must be a non-empty string before anything is persisted.
    if (empty($json->jetpack_secret) || !is_string($json->jetpack_secret)) {
        return new Jetpack_Error('jetpack_secret', '', $status);
    }

    $jetpack_public = isset($json->jetpack_public) ? (int) $json->jetpack_public : false;

    // NOTE(review): jetpack_id is cast and stored without a check in this method;
    // presumably validate_remote_register_response() covers it — confirm.
    Jetpack_Options::update_options(array(
        'id' => (int) $json->jetpack_id,
        'blog_token' => (string) $json->jetpack_secret,
        'public' => $jetpack_public,
    ));

    // Every callback hooked to this action receives the blog token as its
    // second argument, and jetpack_id is passed here without the (int) cast
    // used for storage.
    /**
     * Fires when a site is registered on WordPress.com.
     *
     * @since 3.7.0
     *
     * @param int      $json->jetpack_id     Jetpack Blog ID.
     * @param string   $json->jetpack_secret Jetpack Blog Token.
     * @param int|bool $jetpack_public       Is the site public.
     */
    do_action('jetpack_site_registered', $json->jetpack_id, $json->jetpack_secret, $jetpack_public);

    // Jump Start is initialized only while the 'jumpstart' option is still falsy.
    if (!Jetpack_Options::get_option('jumpstart')) {
        Jetpack_Options::update_option('jumpstart', 'new_connection');
        $instance = Jetpack::init();
        $instance->stat('jumpstart', 'unique-views');
        $instance->do_stats('server_side');
    }

    return true;
}
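/**
 * Registers a subsite with the Jetpack servers
 *
 * Requires the 'jetpack_disconnect' capability. The subsite is switched to
 * for the duration of the call so that the secrets, the returned site ID and
 * blog token, and the user token are stored in that subsite's options.
 *
 * @since 2.9
 * @todo Break apart into easier to manage chunks that can be unit tested
 * @see Jetpack_Network::jetpack_sites_list();
 *
 * @param int|null $site_id Subsite to register. When null the ID is taken
 *                          from the 'site_id' query parameter.
 *
 * @return mixed Nothing when the capability check fails, when no positive
 *               site ID is available, or on success; otherwise the failed
 *               validation result or a Jetpack_Error.
 */
public function do_subsiteregister($site_id = null) {
    // NOTE(review): only a capability is checked here; no nonce is verified in
    // this method — confirm the caller protects the request that triggers it.
    if (!current_user_can('jetpack_disconnect')) {
        return;
    }

    $jp = Jetpack::init();

    // Figure out what site we are working on. The query parameter is
    // request-controlled, so it is reduced to an integer, and a missing or
    // non-numeric ID is rejected rather than passed on to switch_to_blog().
    if (is_null($site_id)) {
        $site_id = isset($_GET['site_id']) ? (int) $_GET['site_id'] : 0;
    } else {
        $site_id = (int) $site_id;
    }
    if ($site_id < 1) {
        return;
    }

    // Build secrets to send to wpcom for verification
    $secrets = $jp->generate_secrets();

    // Remote query timeout limit
    $timeout = $jp->get_remote_query_timeout_limit();

    // The blog id on WordPress.com of the primary network site
    $network_wpcom_blog_id = Jetpack_Options::get_option('id');

    /*
     * Here we need to switch to the subsite
     * For the registration process we really only hijack how it
     * works for an individual site and pass in some extra data here
     */
    switch_to_blog($site_id);

    // Save the secrets in the subsite so when the wpcom server does a pingback it
    // will be able to validate the connection
    Jetpack_Options::update_option('register', $secrets[0] . ':' . $secrets[1] . ':' . $secrets[2]);

    // Grab info for gmt offset
    $gmt_offset = get_option('gmt_offset');
    if (!$gmt_offset) {
        $gmt_offset = 0;
    }

    /*
     * Get the stats_option option from the db.
     * It looks like the server strips this out so maybe it is not necessary?
     * Does it match the Jetpack site with the old stats plugin id?
     *
     * The option used to be stored in $stat_options while the lookup read the
     * undefined $stats_options, so stats_id was always null; one variable is
     * used for both now.
     *
     * @todo Find out if sending the stats_id is necessary
     */
    $stats_options = get_option('stats_options');
    $stat_id = isset($stats_options['blog_id']) ? $stats_options['blog_id'] : null;

    // Both secrets leave the site in this request body.
    $args = array(
        'method' => 'POST',
        'body' => array(
            'network_url' => $this->get_url('network_admin_page'),
            'network_wpcom_blog_id' => $network_wpcom_blog_id,
            'siteurl' => site_url(),
            'home' => home_url(),
            'gmt_offset' => $gmt_offset,
            'timezone_string' => (string) get_option('timezone_string'),
            'site_name' => (string) get_option('blogname'),
            'secret_1' => $secrets[0],
            'secret_2' => $secrets[1],
            'site_lang' => get_locale(),
            'timeout' => $timeout,
            'stats_id' => $stat_id,
            'user_id' => get_current_user_id(),
        ),
        'headers' => array('Accept' => 'application/json'),
        'timeout' => $timeout,
    );

    // Attempt to retrieve shadow blog details
    $response = Jetpack_Client::_wp_remote_request(Jetpack::fix_url_for_bad_hosts(Jetpack::api_url('subsiteregister')), $args, true);

    /*
     * $response should either be invalid or contain:
     * - jetpack_id => id
     * - jetpack_secret => blog_token
     * - jetpack_public
     *
     * Store the wpcom site details
     */
    $valid_response = $jp->validate_remote_register_response($response);
    if (is_wp_error($valid_response) || !$valid_response) {
        // Every exit after switch_to_blog() has to restore the previous blog.
        restore_current_blog();
        return $valid_response;
    }

    // Grab the response values to work with
    $code = wp_remote_retrieve_response_code($response);
    $entity = wp_remote_retrieve_body($response);
    $json = $entity ? json_decode($entity) : false;

    // The blog token must be a non-empty string before anything is persisted.
    if (empty($json->jetpack_secret) || !is_string($json->jetpack_secret)) {
        restore_current_blog();
        return new Jetpack_Error('jetpack_secret', '', $code);
    }

    $jetpack_public = isset($json->jetpack_public) ? (int) $json->jetpack_public : false;

    Jetpack_Options::update_options(array(
        'id' => (int) $json->jetpack_id,
        'blog_token' => (string) $json->jetpack_secret,
        'public' => $jetpack_public,
    ));

    /*
     * Update the subsiteregister method on wpcom so that it also sends back the
     * token in this same request
     */
    $is_master_user = !Jetpack::is_active();

    // NOTE(review): $json->token->secret is used without the empty()/is_string()
    // check applied to jetpack_secret above; if the response lacks it, the stored
    // user token would consist of only ".<user id>". Consider validating it first.
    Jetpack::update_user_token(get_current_user_id(), sprintf('%s.%d', $json->token->secret, get_current_user_id()), $is_master_user);

    Jetpack::activate_default_modules();

    restore_current_blog();
}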