WC_API_Authentication::perform_ssl_authentication()
SSL-encrypted requests are not subject to sniffing or man-in-the-middle attacks, so the request can be authenticated by simply looking up the user associated with the given consumer key and confirming the consumer secret provided is valid
Метод класса: WC_API_Authentication{}
Хуков нет.
Возвращает
Массив
.
Использование
// private - только в коде основоного (родительского) класса $result = $this->perform_ssl_authentication();
Список изменений
С версии 2.1 | Введена. |
Код WC_API_Authentication::perform_ssl_authentication() WC API Authentication::perform ssl authentication WC 8.7.0
private function perform_ssl_authentication() { $params = WC()->api->server->params['GET']; // if the $_GET parameters are present, use those first if ( ! empty( $params['consumer_key'] ) && ! empty( $params['consumer_secret'] ) ) { $keys = $this->get_keys_by_consumer_key( $params['consumer_key'] ); if ( ! $this->is_consumer_secret_valid( $keys['consumer_secret'], $params['consumer_secret'] ) ) { throw new Exception( __( 'Consumer secret is invalid.', 'woocommerce' ), 401 ); } return $keys; } // if the above is not present, we will do full basic auth if ( empty( $_SERVER['PHP_AUTH_USER'] ) || empty( $_SERVER['PHP_AUTH_PW'] ) ) { $this->exit_with_unauthorized_headers(); } $keys = $this->get_keys_by_consumer_key( $_SERVER['PHP_AUTH_USER'] ); if ( ! $this->is_consumer_secret_valid( $keys['consumer_secret'], $_SERVER['PHP_AUTH_PW'] ) ) { $this->exit_with_unauthorized_headers(); } return $keys; }