WC_REST_Authentication::check_oauth_signature() private WC 1.0

Verifies that the consumer-provided request signature matches the signature generated on the server; a match shows that the consumer has a valid key/secret.

Метод класса: WC_REST_Authentication{}

Хуков нет.

Возвращает

true|WP_Error.

Использование

// private - callable only from code inside the declaring (parent) class
$result = $this->check_oauth_signature( $user, $params );
$user(stdClass) (обязательный)
User data.
$params(массив) (обязательный)
The request parameters.

Код WC_REST_Authentication::check_oauth_signature() WC 8.7.0

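/**
 * Verify that the consumer-provided request signature matches the signature
 * generated on the server; a match shows the consumer has a valid key/secret.
 *
 * The string that gets signed is the HTTP method, the URL-encoded request URL
 * and the sorted, normalized parameters, joined with '&'. It is signed with an
 * HMAC keyed by the consumer secret and compared with the supplied signature.
 *
 * @param stdClass $user   User data; `consumer_secret` is read as the HMAC key.
 * @param array    $params The request parameters, including `oauth_signature`
 *                         and `oauth_signature_method`.
 * @return true|WP_Error True when the signatures match, otherwise a WP_Error
 *                       with status 401.
 */
private function check_oauth_signature( $user, $params ) {
	// Method and path come from the request itself; they only feed the string that is signed.
	$http_method  = isset( $_SERVER['REQUEST_METHOD'] ) ? strtoupper( $_SERVER['REQUEST_METHOD'] ) : ''; // WPCS: sanitization ok.
	$request_path = isset( $_SERVER['REQUEST_URI'] ) ? wp_parse_url( $_SERVER['REQUEST_URI'], PHP_URL_PATH ) : ''; // WPCS: sanitization ok.
	$wp_base      = get_home_url( null, '/', 'relative' );

	// Drop the site's base path from the front of the request path.
	// NOTE(review): presumably so get_home_url() below does not add it a second time - confirm.
	if ( substr( $request_path, 0, strlen( $wp_base ) ) === $wp_base ) {
		$request_path = substr( $request_path, strlen( $wp_base ) );
	}
	$base_request_uri = rawurlencode( get_home_url( null, $request_path, is_ssl() ? 'https' : 'http' ) );

	// Reject a missing or non-string signature (for example an array-valued request
	// parameter) with the normal 401 instead of passing it to string-only functions.
	if ( ! isset( $params['oauth_signature'] ) || ! is_string( $params['oauth_signature'] ) ) {
		return new WP_Error( 'woocommerce_rest_authentication_error', __( 'Invalid signature - provided signature does not match.', 'woocommerce' ), array( 'status' => 401 ) );
	}

	// Get the signature provided by the consumer and remove it from the parameters prior to checking the signature.
	// NOTE(review): the space-to-plus replacement presumably restores '+' characters of the
	// base64 signature that were turned into spaces during query-string decoding - confirm.
	$consumer_signature = rawurldecode( str_replace( ' ', '+', $params['oauth_signature'] ) );
	unset( $params['oauth_signature'] );

	// Sort parameters.
	if ( ! uksort( $params, 'strcmp' ) ) {
		return new WP_Error( 'woocommerce_rest_authentication_error', __( 'Invalid signature - failed to sort parameters.', 'woocommerce' ), array( 'status' => 401 ) );
	}

	// Normalize parameter key/values.
	$params         = $this->normalize_parameters( $params );
	$query_string   = implode( '%26', $this->join_with_equals_sign( $params ) ); // Join with ampersand.
	$string_to_sign = $http_method . '&' . $base_request_uri . '&' . $query_string;

	// Allow-list the signature method: only these two values may select the hash algorithm below,
	// so a request cannot choose an arbitrary algorithm name for hash_hmac().
	if ( 'HMAC-SHA1' !== $params['oauth_signature_method'] && 'HMAC-SHA256' !== $params['oauth_signature_method'] ) {
		return new WP_Error( 'woocommerce_rest_authentication_error', __( 'Invalid signature - signature method is invalid.', 'woocommerce' ), array( 'status' => 401 ) );
	}

	$hash_algorithm = strtolower( str_replace( 'HMAC-', '', $params['oauth_signature_method'] ) );

	// The HMAC key is the consumer secret followed by '&', with nothing appended after it.
	// NOTE(review): this looks like the OAuth 1.0a key layout with an empty token secret - confirm.
	$secret    = $user->consumer_secret . '&';
	$signature = base64_encode( hash_hmac( $hash_algorithm, $string_to_sign, $secret, true ) );

	// hash_equals() is a timing-safe comparison; the server-computed value goes first as the known string.
	if ( ! hash_equals( $signature, $consumer_signature ) ) { // @codingStandardsIgnoreLine
		return new WP_Error( 'woocommerce_rest_authentication_error', __( 'Invalid signature - provided signature does not match.', 'woocommerce' ), array( 'status' => 401 ) );
	}

	return true;
}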