$value ) { if ( 'authorization' === strtolower( $key ) ) { return $value; } } } return ''; } /** * Check if this is a request to WCCOM Site REST API. * * @since 3.7.0 * @return bool */ protected static function is_request_to_wccom_site_rest_api() { $request_uri = add_query_arg( array() ); $rest_prefix = trailingslashit( rest_get_url_prefix() ); $request_uri = esc_url_raw( wp_unslash( $request_uri ) ); return false !== strpos( $request_uri, $rest_prefix . 'wccom-site/' ); } /** * Verify WooCommerce.com request from a given body and signature request. * * @since 3.7.0 * @param string $body Request body. * @param string $signature Request signature found in X-Woo-Signature header. * @param string $access_token_secret Access token secret for this site. * @return bool */ protected static function verify_wccom_request( $body, $signature, $access_token_secret ) { // phpcs:disable WordPress.Security.ValidatedSanitizedInput.InputNotValidated, WordPress.Security.ValidatedSanitizedInput.MissingUnslash, WordPress.Security.ValidatedSanitizedInput.InputNotSanitized $data = array( 'host' => $_SERVER['HTTP_HOST'], 'request_uri' => $_SERVER['REQUEST_URI'], 'method' => strtoupper( $_SERVER['REQUEST_METHOD'] ), ); // phpcs:enable if ( ! empty( $body ) ) { $data['body'] = $body; } $expected_signature = hash_hmac( 'sha256', wp_json_encode( $data ), $access_token_secret ); return hash_equals( $expected_signature, $signature ); } /** * Register wccom-site REST namespace. * * @since 3.7.0 * @param array $namespaces List of registered namespaces. * @return array Registered namespaces. */ public static function register_rest_namespace( $namespaces ) { require_once WC_ABSPATH . 'includes/wccom-site/rest-api/endpoints/class-wc-rest-wccom-site-installer-controller.php'; $namespaces['wccom-site/v1'] = array( 'installer' => 'WC_REST_WCCOM_Site_Installer_Controller', ); return $namespaces; } } WC_WCCOM_Site::load();