/**
* Test WC REST API is accessible using RESTful HTTP methods
* @return array
*/
private function test_wc_rest_api()
{
$result = array('title' => __('WC REST API', 'woocommerce-pos'), 'message' => __('API is active', 'woocommerce-pos'));
// check wc settings
if (get_option('woocommerce_api_enabled') !== 'yes') {
return array_merge($result, array('pass' => false, 'message' => __('Access to the REST API is required', 'woocommerce-pos'), 'buttons' => array(array('href' => admin_url('admin.php?page=wc-settings'), 'prompt' => __('Enable the REST API', 'woocommerce')))));
}
// check permalinks
$permalinks = get_option('permalink_structure');
if (empty($permalinks)) {
return array_merge($result, array('pass' => false, 'message' => __('<strong>WooCommerce REST API</strong> requires <em>pretty</em> permalinks to work correctly', 'woocommerce-pos'), 'buttons' => array(array('href' => admin_url('options-permalink.php'), 'prompt' => __('Enable permalinks', 'woocommerce-pos')))));
}
// check API access
if (!$this->http_status(get_woocommerce_api_url(''))) {
return array_merge($result, array('pass' => false, 'message' => __('Unable to test the REST API', 'woocommerce-pos')));
}
// check http methods
$can_use_restful_methods = $this->use_restful_http_methods();
$legacy_server_enabled = get_option('woocommerce_pos_emulateHTTP') === '1';
if (!$can_use_restful_methods && !$legacy_server_enabled) {
return array_merge($result, array('pass' => false, 'message' => __('Unable to use RESTful HTTP methods', 'woocommerce-pos'), 'buttons' => array(array('action' => 'legacy-enable', 'prompt' => __('Enable legacy server support', 'woocommerce-pos')))));
}
if ($can_use_restful_methods && $legacy_server_enabled) {
return array_merge($result, array('pass' => false, 'message' => __('Legacy server support enabled', 'woocommerce-pos'), 'buttons' => array(array('action' => 'legacy-disable', 'prompt' => __('Disable legacy server support', 'woocommerce-pos')))));
}
return array_merge($result, array('pass' => true));
}
/**
* Constructor
*/
public function __construct()
{
// this should only be init after woocommerce_init
global $wp_actions;
if (!isset($wp_actions['woocommerce_init'])) {
return;
}
// common params
$this->accounting = $this->accounting();
$this->ajaxurl = admin_url('admin-ajax.php', 'relative');
$this->customers = $this->customers();
$this->i18n = WC_POS_i18n::translations();
$this->nonce = wp_create_nonce(WC_POS_PLUGIN_NAME);
$this->wc_api = get_woocommerce_api_url('');
$this->emulateHTTP = get_option('woocommerce_pos_emulateHTTP') === '1';
// frontend params
if (!is_admin()) {
$this->auto_print = wc_pos_get_option('checkout', 'auto_print_receipt');
$this->denominations = WC_POS_i18n::currency_denominations();
$this->discount_keys = wc_pos_get_option('general', 'discount_quick_keys');
$this->hotkeys = wc_pos_get_option('hotkeys', 'hotkeys');
$this->shipping = $this->shipping_labels();
$this->tabs = $this->product_tabs();
$this->tax = $this->tax();
$this->tax_classes = WC_POS_Tax::tax_classes();
$this->tax_rates = WC_POS_Tax::tax_rates();
$this->user = $this->user();
}
}
/**
* Test get_woocommerce_api_url().
*
* @since 2.2
*/
public function test_get_woocommerce_api_url()
{
$base_uri = get_home_url();
// base uri
$this->assertEquals("{$base_uri}/wc-api/v3/", get_woocommerce_api_url(null));
// path
$this->assertEquals("{$base_uri}/wc-api/v3/orders", get_woocommerce_api_url('orders'));
}
/**
* @param array $params
* @return array
*/
public function admin_params(array $params)
{
$params['accounting'] = $this->accounting();
$params['ajaxurl'] = admin_url('admin-ajax.php', 'relative');
$params['customers'] = $this->customers();
$params['nonce'] = wp_create_nonce(WC_POS_PLUGIN_NAME);
$params['wc_api'] = get_woocommerce_api_url('');
$params['emulateHTTP'] = get_option('woocommerce_pos_emulateHTTP') === '1';
return $params;
}
/**
* Constructor
*/
public function __construct()
{
// this should only be init after woocommerce_init
global $wp_actions;
if (!isset($wp_actions['woocommerce_init'])) {
return;
}
// common params
$this->accounting = $this->accounting();
$this->ajaxurl = admin_url('admin-ajax.php', 'relative');
$this->customers = $this->customers();
$this->debug = defined('SCRIPT_DEBUG') && SCRIPT_DEBUG;
$this->nonce = wp_create_nonce(WC_POS_PLUGIN_NAME);
$this->wc_api = get_woocommerce_api_url('');
$this->emulateHTTP = get_option('woocommerce_pos_emulateHTTP') === '1';
$this->idbVersion = WC_POS_Settings::get_idb_version();
// frontend params
if (is_pos()) {
$this->auto_print = wc_pos_get_option('checkout', 'auto_print_receipt');
$this->denominations = WC_POS_i18n::currency_denominations();
$this->discount_keys = wc_pos_get_option('general', 'discount_quick_keys');
$this->hotkeys = wc_pos_get_option('hotkeys', 'hotkeys');
$this->menu = $this->menu();
$this->shipping = $this->shipping_labels();
$this->store = array('name' => get_bloginfo('name'));
$this->tabs = $this->product_tabs();
$this->tax = $this->tax();
$this->tax_classes = WC_POS_Tax::tax_classes();
$this->tax_rates = WC_POS_Tax::tax_rates();
$this->user = $this->user();
}
// admin params
if (is_admin()) {
$this->search_customers_nonce = wp_create_nonce('search-customers');
}
}
/**
* Verify that the consumer-provided request signature matches our generated signature, this ensures the consumer
* has a valid key/secret
*
* @param WP_User $user
* @param array $params the request parameters
* @throws Exception
*/
private function check_oauth_signature($user, $params)
{
$http_method = strtoupper(WC()->api->server->method);
$base_request_uri = rawurlencode(untrailingslashit(get_woocommerce_api_url('')) . WC()->api->server->path);
// get the signature provided by the consumer and remove it from the parameters prior to checking the signature
$consumer_signature = rawurldecode($params['oauth_signature']);
unset($params['oauth_signature']);
// remove filters and convert them from array to strings to void normalize issues
if (isset($params['filter'])) {
$filters = $params['filter'];
unset($params['filter']);
foreach ($filters as $filter => $filter_value) {
$params['filter[' . $filter . ']'] = $filter_value;
}
}
// normalize parameter key/values
$params = $this->normalize_parameters($params);
// sort parameters
if (!uksort($params, 'strcmp')) {
throw new Exception(__('Invalid Signature - failed to sort parameters', 'woocommerce'), 401);
}
// form query string
$query_params = array();
foreach ($params as $param_key => $param_value) {
$query_params[] = $param_key . '%3D' . $param_value;
// join with equals sign
}
$query_string = implode('%26', $query_params);
// join with ampersand
$string_to_sign = $http_method . '&' . $base_request_uri . '&' . $query_string;
if ($params['oauth_signature_method'] !== 'HMAC-SHA1' && $params['oauth_signature_method'] !== 'HMAC-SHA256') {
throw new Exception(__('Invalid Signature - signature method is invalid', 'woocommerce'), 401);
}
$hash_algorithm = strtolower(str_replace('HMAC-', '', $params['oauth_signature_method']));
$signature = base64_encode(hash_hmac($hash_algorithm, $string_to_sign, $user->woocommerce_api_consumer_secret, true));
if (!hash_equals($signature, $consumer_signature)) {
throw new Exception(__('Invalid Signature - provided signature does not match', 'woocommerce'), 401);
}
}
/**
* Get the site index.
*
* This endpoint describes the capabilities of the site.
*
* @since 2.3
* @return array Index entity
*/
public function get_index()
{
// General site data
$available = array('store' => array('name' => get_option('blogname'), 'description' => get_option('blogdescription'), 'URL' => get_option('siteurl'), 'wc_version' => WC()->version, 'routes' => array(), 'meta' => array('timezone' => wc_timezone_string(), 'currency' => get_woocommerce_currency(), 'currency_format' => get_woocommerce_currency_symbol(), 'currency_position' => get_option('woocommerce_currency_pos'), 'thousand_separator' => get_option('woocommerce_price_decimal_sep'), 'decimal_separator' => get_option('woocommerce_price_thousand_sep'), 'price_num_decimals' => wc_get_price_decimals(), 'tax_included' => wc_prices_include_tax(), 'weight_unit' => get_option('woocommerce_weight_unit'), 'dimension_unit' => get_option('woocommerce_dimension_unit'), 'ssl_enabled' => 'yes' === get_option('woocommerce_force_ssl_checkout'), 'permalinks_enabled' => '' !== get_option('permalink_structure'), 'links' => array('help' => 'http://woothemes.github.io/woocommerce-rest-api-docs/'))));
// Find the available routes
foreach ($this->get_routes() as $route => $callbacks) {
$data = array();
$route = preg_replace('#\\(\\?P(<\\w+?>).*?\\)#', '$1', $route);
foreach (self::$method_map as $name => $bitmask) {
foreach ($callbacks as $callback) {
// Skip to the next route if any callback is hidden
if ($callback[1] & self::HIDDEN_ENDPOINT) {
continue 3;
}
if ($callback[1] & $bitmask) {
$data['supports'][] = $name;
}
if ($callback[1] & self::ACCEPT_DATA) {
$data['accepts_data'] = true;
}
// For non-variable routes, generate links
if (strpos($route, '<') === false) {
$data['meta'] = array('self' => get_woocommerce_api_url($route));
}
}
}
$available['store']['routes'][$route] = apply_filters('woocommerce_api_endpoints_description', $data);
}
return apply_filters('woocommerce_api_index', $available);
}
/**
* Verify that the consumer-provided request signature matches our generated signature, this ensures the consumer
* has a valid key/secret
*
* @param array $keys
* @param array $params the request parameters
* @throws Exception
*/
private function check_oauth_signature($keys, $params)
{
$http_method = strtoupper(WC()->api->server->method);
$server_path = WC()->api->server->path;
// if the requested URL has a trailingslash, make sure our base URL does as well
if (isset($_SERVER['REDIRECT_URL']) && '/' === substr($_SERVER['REDIRECT_URL'], -1)) {
$server_path .= '/';
}
$base_request_uri = rawurlencode(untrailingslashit(get_woocommerce_api_url('')) . $server_path);
// Get the signature provided by the consumer and remove it from the parameters prior to checking the signature
$consumer_signature = rawurldecode($params['oauth_signature']);
unset($params['oauth_signature']);
// Sort parameters
if (!uksort($params, 'strcmp')) {
throw new Exception(__('Invalid Signature - failed to sort parameters', 'woocommerce'), 401);
}
// Normalize parameter key/values
$params = $this->normalize_parameters($params);
$query_parameters = array();
foreach ($params as $param_key => $param_value) {
if (is_array($param_value)) {
foreach ($param_value as $param_key_inner => $param_value_inner) {
$query_parameters[] = $param_key . '%255B' . $param_key_inner . '%255D%3D' . $param_value_inner;
}
} else {
$query_parameters[] = $param_key . '%3D' . $param_value;
// join with equals sign
}
}
$query_string = implode('%26', $query_parameters);
// join with ampersand
$string_to_sign = $http_method . '&' . $base_request_uri . '&' . $query_string;
if ($params['oauth_signature_method'] !== 'HMAC-SHA1' && $params['oauth_signature_method'] !== 'HMAC-SHA256') {
throw new Exception(__('Invalid Signature - signature method is invalid', 'woocommerce'), 401);
}
$hash_algorithm = strtolower(str_replace('HMAC-', '', $params['oauth_signature_method']));
$secret = $keys['consumer_secret'] . '&';
$signature = base64_encode(hash_hmac($hash_algorithm, $string_to_sign, $secret, true));
if (!hash_equals($signature, $consumer_signature)) {
throw new Exception(__('Invalid Signature - provided signature does not match', 'woocommerce'), 401);
}
}
public function setUp()
{
$this->client = new GuzzleHttp\Client(['base_url' => get_woocommerce_api_url('products/'), 'defaults' => ['exceptions' => false, 'headers' => ['X-WC-POS' => '1']]]);
}
/**
* Returns the request URL with the page query parmeter set to the specified page
*
* @since 2.1
* @param int $page
* @return string
*/
private function get_paginated_url($page)
{
// remove existing page query param
$request = remove_query_arg('page');
// add provided page query param
$request = urldecode(add_query_arg('page', $page, $request));
// return full URL
return get_woocommerce_api_url(str_replace('/wc-api/v1/', '', $request));
}
/**
* Get admin menu content
*
* @since 1.0.0
*/
public function get_content()
{
// First check if WooCommerce is active...
if (!is_plugin_active('woocommerce/woocommerce.php')) {
return print '<h2 class="clear">' . __('Please install WooCommerce before using this plugin.', 'tenbucks') . '</h2>';
}
$wc_data = get_plugin_data(WP_PLUGIN_DIR . '/woocommerce/woocommerce.php');
if (version_compare($wc_data['Version'], '2.4.0', '<')) {
return print '<h2 class="clear">' . __('Please update your WooCommerce plugin before using this plugin.', 'tenbucks') . '</h2>';
}
require_once plugin_dir_path(dirname(__FILE__)) . 'includes/class-wic-server.php';
$is_ssl = is_ssl();
$shop_url = get_site_url();
$display_iframe = (bool) get_option('tenbucks_registration_complete');
$api_doc_link = sprintf('<a href="%s" target="_blank">%s</a>', 'http://docs.woothemes.com/document/woocommerce-rest-api/', __('See how', 'tenbucks'));
$is_api_active = get_option('woocommerce_api_enabled') === 'yes';
$lang_infos = explode('-', get_bloginfo('language'));
$query = array('url' => $shop_url, 'timestamp' => (int) microtime(true), 'platform' => 'WooCommerce', 'cms_version' => $wc_data['Version'], 'module_version' => $this->version);
if (!$is_ssl) {
$ssl_message = __('You\'re not using SSL. For safety reasons, our iframe use <strong>https protocol</strong> to secure every transactions', 'tenbucks');
$pp_url = 'http://store.webincolor.fr/conditions-generales-de-ventes';
$pp_link = sprintf('<a href="%s" target="_blank">%s</a>', $pp_url, __('More informations about our privacy policy', 'tenbucks'));
$this->add_notice($ssl_message . '. ' . $pp_link . '.', 'info');
}
// If API is disabled.
if (!$is_api_active) {
$this->add_notice(__('WooCommerce API is not enabled. Please activate it and create an API read/write access before using this plugin.', 'tenbucks') . ' ' . $api_doc_link, 'error');
} else {
$api_details = array();
preg_match('/\\/wc-api\\/v(\\d)\\/$/', get_woocommerce_api_url('/'), $api_details);
$api_url = $api_details[0];
$api_version = (int) $api_details[1];
if ($api_version > 1) {
$query['api_version'] = $api_version;
$standalone_url = WIC_Server::getUrl('/', $query, true);
$iframe_url = WIC_Server::getUrl('/', $query);
} else {
$display_iframe = false;
$this->add_notice(__('Your WooCommerce version is obsolete, please update it before using this plugin.', 'tenbucks'), 'error');
}
}
// Debug Mod prevent JSON responses to be correctly parsed
if (WP_DEBUG) {
$message = __('WP_DEBUG is active. This can prevent our WooCommerce responses to be parsed correctly and cause malfunctioning.', 'tenbucks');
$this->add_notice($message, 'error');
}
$template_name = $display_iframe ? 'tenbucks-admin-display' : 'tenbucks-registration-form';
require_once plugin_dir_path(dirname(__FILE__)) . 'admin/partials/' . $template_name . '.php';
}
private function get_random_product()
{
$response = $this->client->get(get_woocommerce_api_url('products/'));
$data = $response->json();
return $data['products'][array_rand($data['products'])];
}
public function setUp()
{
$this->client = new GuzzleHttp\Client(['base_url' => get_woocommerce_api_url(''), 'defaults' => ['exceptions' => false]]);
}
