WC_API_Authentication::perform_ssl_authentication() │ private │ WC 2.1

SSL-encrypted requests are not subject to sniffing or man-in-the-middle attacks, so the request can be authenticated by simply looking up the user associated with the given consumer key and confirming the consumer secret provided is valid

{} Это метод класса: WC_API_Authentication{}

Хуков нет.

Возвращает

Массив.

Использование

// private - только в коде основоного (родительского) класса
$result = $this->perform_ssl_authentication();

Список изменений

Код WC_API_Authentication::perform_ssl_authentication() WC API Authentication::perform ssl authentication ^{WC 6.9.4}

private function perform_ssl_authentication() {

	$params = WC()->api->server->params['GET'];

	// Get consumer key
	if ( ! empty( $_SERVER['PHP_AUTH_USER'] ) ) {

		// Should be in HTTP Auth header by default
		$consumer_key = $_SERVER['PHP_AUTH_USER'];

	} elseif ( ! empty( $params['consumer_key'] ) ) {

		// Allow a query string parameter as a fallback
		$consumer_key = $params['consumer_key'];

	} else {

		throw new Exception( __( 'Consumer key is missing.', 'woocommerce' ), 404 );
	}

	// Get consumer secret
	if ( ! empty( $_SERVER['PHP_AUTH_PW'] ) ) {

		// Should be in HTTP Auth header by default
		$consumer_secret = $_SERVER['PHP_AUTH_PW'];

	} elseif ( ! empty( $params['consumer_secret'] ) ) {

		// Allow a query string parameter as a fallback
		$consumer_secret = $params['consumer_secret'];

	} else {

		throw new Exception( __( 'Consumer secret is missing.', 'woocommerce' ), 404 );
	}

	$keys = $this->get_keys_by_consumer_key( $consumer_key );

	if ( ! $this->is_consumer_secret_valid( $keys['consumer_secret'], $consumer_secret ) ) {
		throw new Exception( __( 'Consumer secret is invalid.', 'woocommerce' ), 401 );
	}

	return $keys;
}