verify_xml_rpc_signature(); $token_key = $verified['token_key']; } $token = ( new Tokens() )->get_access_token( $user_id, $token_key ); if ( ! $token || is_wp_error( $token ) ) { return false; } define( 'REST_API_REQUEST', true ); define( 'WPCOM_JSON_API__BASE', 'public-api.wordpress.com/rest/v1' ); // needed? require_once ABSPATH . 'wp-admin/includes/admin.php'; require_once JETPACK__PLUGIN_DIR . 'class.json-api.php'; $api = WPCOM_JSON_API::init( $method, $url, $post_body ); $api->token_details['user'] = $user_details; require_once JETPACK__PLUGIN_DIR . 'class.json-api-endpoints.php'; $display_errors = ini_set( 'display_errors', 0 ); // phpcs:ignore WordPress.PHP.IniSet ob_start(); $api->serve( false ); $output = ob_get_clean(); ini_set( 'display_errors', $display_errors ); // phpcs:ignore WordPress.PHP.IniSet $nonce = wp_generate_password( 10, false ); $hmac = hash_hmac( 'md5', $nonce . $output, $token->secret ); wp_set_current_user( isset( $old_user->ID ) ? $old_user->ID : 0 ); return array( (string) $output, (string) $nonce, (string) $hmac, ); } /** * Filters the response of the remote_provision XMLRPC method * * @param array $response The response. * @param array $request An array containing at minimum a nonce key and a local_username key. * * @since 9.8.0 * @return array */ public static function remote_provision_response( $response, $request ) { if ( ! empty( $request['onboarding'] ) ) { Jetpack::create_onboarding_token(); $response['onboarding_token'] = Jetpack_Options::get_option( 'onboarding' ); } return $response; } /** * Runs Jetpack specific action in xmlrpc server events * * @param String $action the action name, i.e., 'remote_authorize'. * @param String $stage the execution stage, can be 'begin', 'success', 'error', etc. * @param array $parameters extra parameters from the event. * @param WP_User $user the acting user. * @return void */ public static function jetpack_xmlrpc_server_event( $action, $stage, $parameters = array(), $user = null ) { //phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable if ( 'remote_register' === $action && 'begin' === $stage ) { Jetpack::maybe_set_version_option(); } } /** * Hooks into the remote_connect XMLRPC endpoint and triggers Jetpack::handle_post_authorization_actions * * @since 9.8.0 * @return void */ public static function remote_connect_end() { /** This filter is documented in class.jetpack-cli.php */ $enable_sso = apply_filters( 'jetpack_start_enable_sso', true ); Jetpack::handle_post_authorization_actions( $enable_sso, false, false ); } /** * Filters the Redirect URI returned by the remote_register XMLRPC method * * @since 9.8.0 * * @param string $redirect_uri The Redirect URI. * @return string */ public static function remote_register_redirect_uri( $redirect_uri ) { $auto_enable_sso = ( ! ( new Connection_Manager() )->has_connected_owner() || Jetpack::is_module_active( 'sso' ) ); /** This filter is documented in class.jetpack-cli.php */ if ( apply_filters( 'jetpack_start_enable_sso', $auto_enable_sso ) ) { $redirect_uri = add_query_arg( array( 'action' => 'jetpack-sso', 'redirect_to' => rawurlencode( admin_url() ), ), wp_login_url() // TODO: come back to Jetpack dashboard? ); } return $redirect_uri; } }