-
Notifications
You must be signed in to change notification settings - Fork 21
/
AccountController.php
285 lines (255 loc) · 7.76 KB
/
AccountController.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
<?php
declare( strict_types=1 );
namespace Automattic\WooCommerce\GoogleListingsAndAds\API\Site\Controllers\Jetpack;
use Automattic\Jetpack\Connection\Manager;
use Automattic\WooCommerce\GoogleListingsAndAds\API\Site\Controllers\BaseOptionsController;
use Automattic\WooCommerce\GoogleListingsAndAds\API\TransportMethods;
use Automattic\WooCommerce\GoogleListingsAndAds\API\Google\Middleware;
use Automattic\WooCommerce\GoogleListingsAndAds\Options\OptionsInterface;
use Automattic\WooCommerce\GoogleListingsAndAds\Proxies\RESTServer;
use WP_REST_Request as Request;
use WP_REST_Response as Response;
defined( 'ABSPATH' ) || exit;
/**
* Class AccountController
*
* @package Automattic\WooCommerce\GoogleListingsAndAds\API\Site\Controllers\Jetpack
*/
class AccountController extends BaseOptionsController {
/**
* @var Manager
*/
protected $manager;
/**
* @var Middleware
*/
protected $middleware;
/**
* Retain the connected state to prevent multiple external calls to validate the token.
*
* @var bool
*/
private $jetpack_connected_state;
/**
* Mapping between the client page name and its path.
* The first value is also used as a default,
* and changing the order of keys/values may affect things below.
*
* @var string[]
*/
private const NEXT_PATH_MAPPING = [
'setup-mc' => '/google/setup-mc',
'reconnect' => '/google/settings&subpath=/reconnect-wpcom-account',
];
/**
* BaseController constructor.
*
* @param RESTServer $server
* @param Manager $manager
* @param Middleware $middleware
*/
public function __construct( RESTServer $server, Manager $manager, Middleware $middleware ) {
parent::__construct( $server );
$this->manager = $manager;
$this->middleware = $middleware;
}
/**
* Register rest routes with WordPress.
*/
public function register_routes(): void {
$this->register_route(
'jetpack/connect',
[
[
'methods' => TransportMethods::READABLE,
'callback' => $this->get_connect_callback(),
'permission_callback' => $this->get_permission_callback(),
'args' => $this->get_connect_params(),
],
[
'methods' => TransportMethods::DELETABLE,
'callback' => $this->get_disconnect_callback(),
'permission_callback' => $this->get_permission_callback(),
],
'schema' => $this->get_api_response_schema_callback(),
]
);
$this->register_route(
'jetpack/connected',
[
[
'methods' => TransportMethods::READABLE,
'callback' => $this->get_connected_callback(),
'permission_callback' => $this->get_permission_callback(),
],
]
);
}
/**
* Get the callback function for the connection request.
*
* @return callable
*/
protected function get_connect_callback(): callable {
return function ( Request $request ) {
// Register the site to WPCOM.
if ( $this->manager->is_connected() ) {
$result = $this->manager->reconnect();
} else {
$result = $this->manager->register();
}
if ( is_wp_error( $result ) ) {
return new Response(
[
'status' => 'error',
'message' => $result->get_error_message(),
],
400
);
}
// Get an authorization URL which will redirect back to our page.
$next = $request->get_param( 'next_page_name' );
$path = self::NEXT_PATH_MAPPING[ $next ];
$redirect = admin_url( "admin.php?page=wc-admin&path={$path}" );
$auth_url = $this->manager->get_authorization_url( null, $redirect );
// Payments flow allows redirect back to the site without showing plans. Escaping the URL preventing XSS.
$auth_url = esc_url( add_query_arg( [ 'from' => 'google-listings-and-ads' ], $auth_url ), null, 'db' );
return [
'url' => $auth_url,
];
};
}
/**
* Get the query params for the connection request.
*
* @return array
*/
protected function get_connect_params(): array {
return [
'context' => $this->get_context_param( [ 'default' => 'view' ] ),
'next_page_name' => [
'description' => __( 'Indicates the next page name mapped to the redirect URL when back from Jetpack authorization.', 'google-listings-and-ads' ),
'type' => 'string',
'default' => array_key_first( self::NEXT_PATH_MAPPING ),
'enum' => array_keys( self::NEXT_PATH_MAPPING ),
'validate_callback' => 'rest_validate_request_arg',
],
];
}
/**
* Get the callback function for the disconnection request.
*
* @return callable
*/
protected function get_disconnect_callback(): callable {
return function () {
$this->manager->remove_connection();
$this->options->delete( OptionsInterface::WP_TOS_ACCEPTED );
$this->options->delete( OptionsInterface::JETPACK_CONNECTED );
return [
'status' => 'success',
'message' => __( 'Successfully disconnected.', 'google-listings-and-ads' ),
];
};
}
/**
* Get the callback function to determine if Jetpack is currently connected.
*
* @return callable
*/
protected function get_connected_callback(): callable {
return function () {
if ( $this->is_jetpack_connected() && ! $this->options->get( OptionsInterface::WP_TOS_ACCEPTED ) ) {
$this->log_wp_tos_accepted();
}
// Update connection status.
$this->options->update( OptionsInterface::JETPACK_CONNECTED, $this->is_jetpack_connected() );
$user_data = $this->get_jetpack_user_data();
return [
'active' => $this->display_boolean( $this->is_jetpack_connected() ),
'owner' => $this->display_boolean( $this->is_jetpack_connection_owner() ),
'displayName' => $user_data['display_name'] ?? '',
'email' => $user_data['email'] ?? '',
];
};
}
/**
* Determine whether Jetpack is connected.
* Check if manager is active and we have a valid token.
*
* @return bool
*/
protected function is_jetpack_connected(): bool {
if ( null !== $this->jetpack_connected_state ) {
return $this->jetpack_connected_state;
}
if ( ! $this->manager->has_connected_owner() || ! $this->manager->is_connected() ) {
$this->jetpack_connected_state = false;
return false;
}
// Send an external request to validate the token.
$this->jetpack_connected_state = $this->manager->get_tokens()->validate_blog_token();
return $this->jetpack_connected_state;
}
/**
* Determine whether user is the current Jetpack connection owner.
*
* @return bool
*/
protected function is_jetpack_connection_owner(): bool {
return $this->manager->is_connection_owner();
}
/**
* Format boolean for display.
*
* @param bool $value
*
* @return string
*/
protected function display_boolean( bool $value ): string {
return $value ? 'yes' : 'no';
}
/**
* Get the wpcom user data of the current connected user.
*
* @return array
*/
protected function get_jetpack_user_data(): array {
$user_data = $this->manager->get_connected_user_data();
// adjust for $user_data returning false
return is_array( $user_data ) ? $user_data : [];
}
/**
* Log accepted TOS for WordPress.
*/
protected function log_wp_tos_accepted() {
$user = wp_get_current_user();
$this->middleware->mark_tos_accepted( 'wp-com', $user->user_email );
$this->options->update( OptionsInterface::WP_TOS_ACCEPTED, true );
}
/**
* Get the item schema for the controller.
*
* @return array
*/
protected function get_schema_properties(): array {
return [
'url' => [
'type' => 'string',
'description' => __( 'The URL for making a connection to Jetpack (wordpress.com).', 'google-listings-and-ads' ),
'context' => [ 'view' ],
'readonly' => true,
],
];
}
/**
* Get the item schema name for the controller.
*
* Used for building the API response schema.
*
* @return string
*/
protected function get_schema_title(): string {
return 'jetpack_account';
}
}