iotcat
/
Ushio-cn-old
mirror of https://github.com/IoTcat/Ushio-cn-old.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
175 Commits
7 Branches
0 Tags
240 MiB
Tag: Branch: Tree: 5f9d94edf4
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5f9d94edf4'
${ noResults }
Ushio-cn-old/yimian/www/blog-wp/wp-content/plugins/wordfence/lib/rest-api/wfRESTBaseController.php

87 lines
2.0 KiB
Raw Blame History

<?php
abstract class wfRESTBaseController {
protected $tokenData;
/**
* @param WP_REST_Request $request
* @return WP_Error|bool
*/
public function verifyToken($request) {
$validToken = $this->isTokenValid($request);
if ($validToken &&
!is_wp_error($validToken) &&
$this->tokenData['body']['sub'] === wfConfig::get('wordfenceCentralSiteID')
) {
return true;
}
if (is_wp_error($validToken)) {
return $validToken;
}
return new WP_Error('rest_forbidden_context',
__('Token is invalid.', 'wordfence'),
array('status' => rest_authorization_required_code()));
}
/**
* @param WP_REST_Request $request
* @return WP_Error|bool
*/
public function verifyTokenPremium($request) {
$validToken = $this->isTokenValid($request);
if ($validToken &&
!is_wp_error($validToken) &&
$this->tokenData['body']['sub'] === 'wordfence-central-premium'
) {
return true;
}
if (is_wp_error($validToken)) {
return $validToken;
}
return new WP_Error('rest_forbidden_context',
__('Token is invalid.', 'wordfence'),
array('status' => rest_authorization_required_code()));
}
/**
* @param WP_REST_Request $request
* @return bool|WP_Error
*/
public function isTokenValid($request) {
$authHeader = $request->get_header('Authorization');
if (!$authHeader) {
$authHeader = $request->get_header('X-Authorization');
}
if (stripos($authHeader, 'bearer ') !== 0) {
return new WP_Error('rest_forbidden_context',
__('Authorization header format is invalid.', 'wordfence'),
array('status' => rest_authorization_required_code()));
}
$token = trim(substr($authHeader, 7));
$jwt = new wfJWT();
try {
$this->tokenData = $jwt->decode($token);
} catch (wfJWTException $e) {
return new WP_Error('rest_forbidden_context',
$e->getMessage(),
array('status' => rest_authorization_required_code()));
} catch (Exception $e) {
return new WP_Error('rest_forbidden_context',
__('Token is invalid.', 'wordfence'),
array('status' => rest_authorization_required_code()));
}
return true;
}
}