Enters a user token into the user_tokens option
| public static update_user_token ( integer $user_id, string $token, $is_master_user ) | ||
| $user_id | integer | |
| $token | string | return bool |
/**
* Registers a subsite with the Jetpack servers
*
* @since 2.9
* @todo Break apart into easier to manage chunks that can be unit tested
* @see Jetpack_Network::jetpack_sites_list();
*/
public function do_subsiteregister($site_id = null)
{
if (!current_user_can('jetpack_disconnect')) {
return;
}
$jp = Jetpack::init();
// Figure out what site we are working on
$site_id = is_null($site_id) ? $_GET['site_id'] : $site_id;
// Build secrets to sent to wpcom for verification
$secrets = $jp->generate_secrets();
// Remote query timeout limit
$timeout = $jp->get_remote_query_timeout_limit();
// The blog id on WordPress.com of the primary network site
$network_wpcom_blog_id = Jetpack_Options::get_option('id');
/*
* Here we need to switch to the subsite
* For the registration process we really only hijack how it
* works for an individual site and pass in some extra data here
*/
switch_to_blog($site_id);
// Save the secrets in the subsite so when the wpcom server does a pingback it
// will be able to validate the connection
Jetpack_Options::update_option('register', $secrets[0] . ':' . $secrets[1] . ':' . $secrets[2]);
// Gra info for gmt offset
$gmt_offset = get_option('gmt_offset');
if (!$gmt_offset) {
$gmt_offset = 0;
}
/*
* Get the stats_option option from the db.
* It looks like the server strips this out so maybe it is not necessary?
* Does it match the Jetpack site with the old stats plugin id?
*
* @todo Find out if sending the stats_id is necessary
*/
$stat_options = get_option('stats_options');
$stat_id = $stat_options = isset($stats_options['blog_id']) ? $stats_options['blog_id'] : null;
$args = array('method' => 'POST', 'body' => array('network_url' => $this->get_url('network_admin_page'), 'network_wpcom_blog_id' => $network_wpcom_blog_id, 'siteurl' => site_url(), 'home' => home_url(), 'gmt_offset' => $gmt_offset, 'timezone_string' => (string) get_option('timezone_string'), 'site_name' => (string) get_option('blogname'), 'secret_1' => $secrets[0], 'secret_2' => $secrets[1], 'site_lang' => get_locale(), 'timeout' => $timeout, 'stats_id' => $stat_id, 'user_id' => get_current_user_id()), 'headers' => array('Accept' => 'application/json'), 'timeout' => $timeout);
// Attempt to retrieve shadow blog details
$response = Jetpack_Client::_wp_remote_request(Jetpack::fix_url_for_bad_hosts(Jetpack::api_url('subsiteregister')), $args, true);
/*
* $response should either be invalid or contain:
* - jetpack_id => id
* - jetpack_secret => blog_token
* - jetpack_public
*
* Store the wpcom site details
*/
$valid_response = $jp->validate_remote_register_response($response);
if (is_wp_error($valid_response) || !$valid_response) {
restore_current_blog();
return $valid_response;
}
// Grab the response values to work with
$code = wp_remote_retrieve_response_code($response);
$entity = wp_remote_retrieve_body($response);
if ($entity) {
$json = json_decode($entity);
} else {
$json = false;
}
if (empty($json->jetpack_secret) || !is_string($json->jetpack_secret)) {
restore_current_blog();
return new Jetpack_Error('jetpack_secret', '', $code);
}
if (isset($json->jetpack_public)) {
$jetpack_public = (int) $json->jetpack_public;
} else {
$jetpack_public = false;
}
Jetpack_Options::update_options(array('id' => (int) $json->jetpack_id, 'blog_token' => (string) $json->jetpack_secret, 'public' => $jetpack_public));
/*
* Update the subsiteregister method on wpcom so that it also sends back the
* token in this same request
*/
$is_master_user = !Jetpack::is_active();
Jetpack::update_user_token(get_current_user_id(), sprintf('%s.%d', $json->token->secret, get_current_user_id()), $is_master_user);
Jetpack::activate_default_modules();
restore_current_blog();
}
function authorize($data = array())
{
$redirect = isset($data['redirect']) ? esc_url_raw((string) $data['redirect']) : '';
$jetpack_unique_connection = Jetpack_Options::get_option('unique_connection');
// Checking if site has been active/connected previously before recording unique connection
if (!$jetpack_unique_connection) {
// jetpack_unique_connection option has never been set
$jetpack_unique_connection = array('connected' => 0, 'disconnected' => 0, 'version' => '3.6.1');
update_option('jetpack_unique_connection', $jetpack_unique_connection);
//track unique connection
$jetpack = $this->get_jetpack();
$jetpack->stat('connections', 'unique-connection');
$jetpack->do_stats('server_side');
}
// increment number of times connected
$jetpack_unique_connection['connected'] += 1;
Jetpack_Options::update_option('unique_connection', $jetpack_unique_connection);
$role = Jetpack::translate_current_user_to_role();
if (!$role) {
return new Jetpack_Error('no_role', 'Invalid request.', 400);
}
$cap = Jetpack::translate_role_to_cap($role);
if (!$cap) {
return new Jetpack_Error('no_cap', 'Invalid request.', 400);
}
if (!empty($data['error'])) {
return new Jetpack_Error($data['error'], 'Error included in the request.', 400);
}
if (!isset($data['state'])) {
return new Jetpack_Error('no_state', 'Request must include state.', 400);
}
if (!ctype_digit($data['state'])) {
return new Jetpack_Error($data['error'], 'State must be an integer.', 400);
}
$current_user_id = get_current_user_id();
if ($current_user_id != $data['state']) {
return new Jetpack_Error('wrong_state', 'State does not match current user.', 400);
}
if (empty($data['code'])) {
return new Jetpack_Error('no_code', 'Request must include an authorization code.', 400);
}
$token = $this->get_token($data);
if (is_wp_error($token)) {
$code = $token->get_error_code();
if (empty($code)) {
$code = 'invalid_token';
}
return new Jetpack_Error($code, $token->get_error_message(), 400);
}
if (!$token) {
return new Jetpack_Error('no_token', 'Error generating token.', 400);
}
$is_master_user = !Jetpack::is_active();
Jetpack::update_user_token($current_user_id, sprintf('%s.%d', $token, $current_user_id), $is_master_user);
if (!$is_master_user) {
Jetpack::state('message', 'linked');
// Don't activate anything since we are just connecting a user.
return 'linked';
}
$redirect_on_activation_error = 'client' === $data['auth_type'] ? true : false;
if ($active_modules = Jetpack_Options::get_option('active_modules')) {
Jetpack::delete_active_modules();
Jetpack::activate_default_modules(999, 1, $active_modules, $redirect_on_activation_error);
} else {
Jetpack::activate_default_modules(false, false, array(), $redirect_on_activation_error);
}
// Start nonce cleaner
wp_clear_scheduled_hook('jetpack_clean_nonces');
wp_schedule_event(time(), 'hourly', 'jetpack_clean_nonces');
Jetpack::state('message', 'authorized');
return 'authorized';
}
function authorize()
{
$data = stripslashes_deep($_GET);
$args = array();
$redirect = isset($data['redirect']) ? esc_url_raw((string) $data['redirect']) : '';
do {
$jetpack = Jetpack::init();
$role = $jetpack->translate_current_user_to_role();
if (!$role) {
Jetpack::state('error', 'no_role');
break;
}
$cap = $jetpack->translate_role_to_cap($role);
if (!$cap) {
Jetpack::state('error', 'no_cap');
break;
}
check_admin_referer("jetpack-authorize_{$role}_{$redirect}");
if (!empty($data['error'])) {
Jetpack::state('error', $data['error']);
break;
}
if (empty($data['state'])) {
Jetpack::state('error', 'no_state');
break;
}
if (!ctype_digit($data['state'])) {
Jetpack::state('error', 'invalid_state');
break;
}
$current_user_id = get_current_user_id();
if ($current_user_id != $data['state']) {
Jetpack::state('error', 'wrong_state');
break;
}
if (empty($data['code'])) {
Jetpack::state('error', 'no_code');
break;
}
$token = $this->get_token($data);
if (is_wp_error($token)) {
if ($error = $token->get_error_code()) {
Jetpack::state('error', $error);
} else {
Jetpack::state('error', 'invalid_token');
}
Jetpack::state('error_description', $token->get_error_message());
break;
}
if (!$token) {
Jetpack::state('error', 'no_token');
break;
}
$is_master_user = !Jetpack::is_active();
Jetpack::update_user_token($current_user_id, sprintf('%s.%d', $token, $current_user_id), $is_master_user);
if ($is_master_user) {
Jetpack::state('message', 'authorized');
} else {
Jetpack::state('message', 'linked');
// Don't activate anything since we are just connecting a user.
break;
}
if ($active_modules = Jetpack::get_option('active_modules')) {
Jetpack::delete_option('active_modules');
Jetpack::activate_default_modules(999, 1, $active_modules);
} else {
Jetpack::activate_default_modules();
}
$jetpack->sync->register('noop');
// Spawn a sync to make sure the Jetpack Servers know what modules are active.
// Start nonce cleaner
wp_clear_scheduled_hook('jetpack_clean_nonces');
wp_schedule_event(time(), 'hourly', 'jetpack_clean_nonces');
} while (false);
if (wp_validate_redirect($redirect)) {
wp_safe_redirect($redirect);
} else {
wp_safe_redirect(Jetpack::admin_url());
}
exit;
}
function authorize()
{
$data = stripslashes_deep($_GET);
$args = array();
$redirect = isset($data['redirect']) ? esc_url_raw((string) $data['redirect']) : '';
$jetpack_unique_connection = Jetpack_Options::get_option('unique_connection');
// Checking if site has been active/connected previously before recording unique connection
if (!$jetpack_unique_connection) {
// jetpack_unique_connection option has never been set
$jetpack_unique_connection = array('connected' => 0, 'disconnected' => 0);
update_option('jetpack_unique_connection', $jetpack_unique_connection);
//track unique connection
$jetpack = Jetpack::init();
$jetpack->stat('connections', 'unique-connection');
$jetpack->do_stats('server_side');
}
// increment number of times connected
$jetpack_unique_connection['connected'] += 1;
Jetpack_Options::update_option('unique_connection', $jetpack_unique_connection);
do {
$jetpack = $this->get_jetpack();
$role = $jetpack->translate_current_user_to_role();
if (!$role) {
Jetpack::state('error', 'no_role');
break;
}
$cap = $jetpack->translate_role_to_cap($role);
if (!$cap) {
Jetpack::state('error', 'no_cap');
break;
}
$this->check_admin_referer("jetpack-authorize_{$role}_{$redirect}");
if (!empty($data['error'])) {
Jetpack::state('error', $data['error']);
break;
}
if (empty($data['state'])) {
Jetpack::state('error', 'no_state');
break;
}
if (!ctype_digit($data['state'])) {
Jetpack::state('error', 'invalid_state');
break;
}
$current_user_id = get_current_user_id();
if ($current_user_id != $data['state']) {
Jetpack::state('error', 'wrong_state');
break;
}
if (empty($data['code'])) {
Jetpack::state('error', 'no_code');
break;
}
$token = $this->get_token($data);
if (is_wp_error($token)) {
if ($error = $token->get_error_code()) {
Jetpack::state('error', $error);
} else {
Jetpack::state('error', 'invalid_token');
}
Jetpack::state('error_description', $token->get_error_message());
break;
}
if (!$token) {
Jetpack::state('error', 'no_token');
break;
}
$is_master_user = !Jetpack::is_active();
Jetpack::update_user_token($current_user_id, sprintf('%s.%d', $token, $current_user_id), $is_master_user);
if ($is_master_user) {
Jetpack::state('message', 'authorized');
} else {
Jetpack::state('message', 'linked');
// Don't activate anything since we are just connecting a user.
break;
}
if ($active_modules = Jetpack_Options::get_option('active_modules')) {
Jetpack_Options::delete_option('active_modules');
Jetpack::activate_default_modules(999, 1, $active_modules);
} else {
Jetpack::activate_default_modules();
}
// Sync all registers options and constants
do_action('jetpack_sync_all_registered_options');
// Start nonce cleaner
wp_clear_scheduled_hook('jetpack_clean_nonces');
wp_schedule_event(time(), 'hourly', 'jetpack_clean_nonces');
} while (false);
if (wp_validate_redirect($redirect)) {
$this->wp_safe_redirect($redirect);
} else {
$this->wp_safe_redirect(Jetpack::admin_url());
}
$this->do_exit();
}
