id = $id; $this->post_data = get_post( $id ); } /** * Magic isset as a wrapper around metadata_exists(). * * @since 2.2 * @param string $key * @return bool true if $key isset, false otherwise */ public function __isset( $key ) { if ( ! $this->id ) { return false; } return metadata_exists( 'post', $this->id, '_' . $key ); } /** * Magic get, wraps get_post_meta() for all keys except $status. * * @since 2.2 * @param string $key * @return mixed value */ public function __get( $key ) { if ( 'status' === $key ) { $value = $this->get_status(); } else { $value = get_post_meta( $this->id, '_' . $key, true ); } return $value; } /** * Enqueue the hooks associated with the webhook. * * @since 2.2 */ public function enqueue() { $hooks = $this->get_hooks(); $url = $this->get_delivery_url(); if ( is_array( $hooks ) && ! empty( $url ) ) { foreach ( $hooks as $hook ) { add_action( $hook, array( $this, 'process' ) ); } } } /** * Process the webhook for delivery by verifying that it should be delivered. * and scheduling the delivery (in the background by default, or immediately). * * @since 2.2 * @param mixed $arg the first argument provided from the associated hooks */ public function process( $arg ) { // verify that webhook should be processed for delivery if ( ! $this->should_deliver( $arg ) ) { return; } // webhooks are processed in the background by default // so as to avoid delays or failures in delivery from affecting the // user who triggered it if ( apply_filters( 'woocommerce_webhook_deliver_async', true, $this, $arg ) ) { // deliver in background wp_schedule_single_event( time(), 'woocommerce_deliver_webhook_async', array( $this->id, $arg ) ); } else { // deliver immediately $this->deliver( $arg ); } } /** * Helper to check if the webhook should be delivered, as some hooks. * (like `wp_trash_post`) will fire for every post type, not just ours. * * @since 2.2 * @param mixed $arg first hook argument * @return bool true if webhook should be delivered, false otherwise */ private function should_deliver( $arg ) { $should_deliver = true; $current_action = current_action(); // only active webhooks can be delivered if ( 'active' != $this->get_status() ) { $should_deliver = false; } elseif ( in_array( $current_action, array( 'delete_post', 'wp_trash_post', 'untrashed_post' ), true ) ) { // Only deliver deleted/restored event for coupons, orders, and products. if ( isset( $GLOBALS['post_type'] ) && ! in_array( $GLOBALS['post_type'], array( 'shop_coupon', 'shop_order', 'product' ) ) ) { $should_deliver = false; } // Check if is delivering for the correct resource. if ( isset( $GLOBALS['post_type'] ) && str_replace( 'shop_', '', $GLOBALS['post_type'] ) !== $this->get_resource() ) { $should_deliver = false; } } elseif ( 'delete_user' == $current_action ) { $user = get_userdata( absint( $arg ) ); // only deliver deleted customer event for users with customer role if ( ! $user || ! in_array( 'customer', (array) $user->roles ) ) { $should_deliver = false; } // check if the custom order type has chosen to exclude order webhooks from triggering along with its own webhooks. } elseif ( 'order' == $this->get_resource() && ! in_array( get_post_type( absint( $arg ) ), wc_get_order_types( 'order-webhooks' ) ) ) { $should_deliver = false; } elseif ( 0 === strpos( $current_action, 'woocommerce_process_shop' ) || 0 === strpos( $current_action, 'woocommerce_process_product' ) ) { // the `woocommerce_process_shop_*` and `woocommerce_process_product_*` hooks // fire for create and update of products and orders, so check the post // creation date to determine the actual event $resource = get_post( absint( $arg ) ); // Drafts don't have post_date_gmt so calculate it here $gmt_date = get_gmt_from_date( $resource->post_date ); // a resource is considered created when the hook is executed within 10 seconds of the post creation date $resource_created = ( ( time() - 10 ) <= strtotime( $gmt_date ) ); if ( 'created' == $this->get_event() && ! $resource_created ) { $should_deliver = false; } elseif ( 'updated' == $this->get_event() && $resource_created ) { $should_deliver = false; } } /* * Let other plugins intercept deliver for some messages queue like rabbit/zeromq */ return apply_filters( 'woocommerce_webhook_should_deliver', $should_deliver, $this, $arg ); } /** * Deliver the webhook payload using wp_safe_remote_request(). * * @since 2.2 * @param mixed $arg First hook argument. */ public function deliver( $arg ) { $payload = $this->build_payload( $arg ); // Setup request args. $http_args = array( 'method' => 'POST', 'timeout' => MINUTE_IN_SECONDS, 'redirection' => 0, 'httpversion' => '1.0', 'blocking' => true, 'user-agent' => sprintf( 'WooCommerce/%s Hookshot (WordPress/%s)', WC_VERSION, $GLOBALS['wp_version'] ), 'body' => trim( json_encode( $payload ) ), 'headers' => array( 'Content-Type' => 'application/json' ), 'cookies' => array(), ); $http_args = apply_filters( 'woocommerce_webhook_http_args', $http_args, $arg, $this->id ); // Add custom headers. $http_args['headers']['X-WC-Webhook-Source'] = home_url( '/' ); // Since 2.6.0. $http_args['headers']['X-WC-Webhook-Topic'] = $this->get_topic(); $http_args['headers']['X-WC-Webhook-Resource'] = $this->get_resource(); $http_args['headers']['X-WC-Webhook-Event'] = $this->get_event(); $http_args['headers']['X-WC-Webhook-Signature'] = $this->generate_signature( $http_args['body'] ); $http_args['headers']['X-WC-Webhook-ID'] = $this->id; $http_args['headers']['X-WC-Webhook-Delivery-ID'] = $delivery_id = $this->get_new_delivery_id(); $start_time = microtime( true ); // Webhook away! $response = wp_safe_remote_request( $this->get_delivery_url(), $http_args ); $duration = round( microtime( true ) - $start_time, 5 ); $this->log_delivery( $delivery_id, $http_args, $response, $duration ); do_action( 'woocommerce_webhook_delivery', $http_args, $response, $duration, $arg, $this->id ); } /** * Get Legacy API payload. * * @since 3.0.0 * @param string $resource Resource type. * @param int $resource_id Resource ID. * @param string $event Event type. * @return array */ private function get_legacy_api_payload( $resource, $resource_id, $event ) { // Include & load API classes. WC()->api->includes(); WC()->api->register_resources( new WC_API_Server( '/' ) ); switch ( $resource ) { case 'coupon' : $payload = WC()->api->WC_API_Coupons->get_coupon( $resource_id ); break; case 'customer' : $payload = WC()->api->WC_API_Customers->get_customer( $resource_id ); break; case 'order' : $payload = WC()->api->WC_API_Orders->get_order( $resource_id, null, apply_filters( 'woocommerce_webhook_order_payload_filters', array() ) ); break; case 'product' : // Bulk and quick edit action hooks return a product object instead of an ID. if ( 'updated' === $event && is_a( $resource_id, 'WC_Product' ) ) { $resource_id = $resource_id->get_id(); } $payload = WC()->api->WC_API_Products->get_product( $resource_id ); break; // Custom topics include the first hook argument. case 'action' : $payload = array( 'action' => current( $this->get_hooks() ), 'arg' => $resource_id, ); break; default : $payload = array(); break; } return $payload; } /** * Get WP API integration payload. * * @since 3.0.0 * @param string $resource Resource type. * @param int $resource_id Resource ID. * @param string $event Event type. * @return array */ private function get_wp_api_payload( $resource, $resource_id, $event ) { $version_suffix = 'wp_api_v1' === $this->get_api_version() ? '_V1' : ''; switch ( $resource ) { case 'coupon' : case 'customer' : case 'order' : case 'product' : $class = 'WC_REST_' . ucfirst( $resource ) . 's' . $version_suffix . '_Controller'; $request = new WP_REST_Request( 'GET' ); $controller = new $class; // Bulk and quick edit action hooks return a product object instead of an ID. if ( 'product' === $resource && 'updated' === $event && is_a( $resource_id, 'WC_Product' ) ) { $resource_id = $resource_id->get_id(); } $request->set_param( 'id', $resource_id ); $result = $controller->get_item( $request ); $payload = isset( $result->data ) ? $result->data : array(); break; // Custom topics include the first hook argument. case 'action' : $payload = array( 'action' => current( $this->get_hooks() ), 'arg' => $resource_id, ); break; default : $payload = array(); break; } return $payload; } /** * Build the payload data for the webhook. * * @since 2.2 * @param mixed $resource_id first hook argument, typically the resource ID * @return mixed payload data */ public function build_payload( $resource_id ) { // build the payload with the same user context as the user who created // the webhook -- this avoids permission errors as background processing // runs with no user context $current_user = get_current_user_id(); wp_set_current_user( $this->get_user_id() ); $resource = $this->get_resource(); $event = $this->get_event(); // If a resource has been deleted, just include the ID. if ( 'deleted' == $event ) { $payload = array( 'id' => $resource_id, ); } else { if ( in_array( $this->get_api_version(), array( 'wp_api_v1', 'wp_api_v2' ), true ) ) { $payload = $this->get_wp_api_payload( $resource, $resource_id, $event ); } else { $payload = $this->get_legacy_api_payload( $resource, $resource_id, $event ); } } // Restore the current user. wp_set_current_user( $current_user ); return apply_filters( 'woocommerce_webhook_payload', $payload, $resource, $resource_id, $this->id ); } /** * Generate a base64-encoded HMAC-SHA256 signature of the payload body so the. * recipient can verify the authenticity of the webhook. Note that the signature. * is calculated after the body has already been encoded (JSON by default). * * @since 2.2 * @param string $payload payload data to hash * @return string hash */ public function generate_signature( $payload ) { $hash_algo = apply_filters( 'woocommerce_webhook_hash_algorithm', 'sha256', $payload, $this->id ); return base64_encode( hash_hmac( $hash_algo, $payload, $this->get_secret(), true ) ); } /** * Create a new comment for log the delivery request/response and. * return the ID for inclusion in the webhook request. * * @since 2.2 * @return int delivery (comment) ID */ public function get_new_delivery_id() { $comment_data = apply_filters( 'woocommerce_new_webhook_delivery_data', array( 'comment_author' => __( 'WooCommerce', 'woocommerce' ), 'comment_author_email' => sanitize_email( sprintf( '%s@%s', strtolower( __( 'WooCommerce', 'woocommerce' ) ), isset( $_SERVER['HTTP_HOST'] ) ? str_replace( 'www.', '', $_SERVER['HTTP_HOST'] ) : 'noreply.com' ) ), 'comment_post_ID' => $this->id, 'comment_agent' => 'WooCommerce Hookshot', 'comment_type' => 'webhook_delivery', 'comment_parent' => 0, 'comment_approved' => 1, ), $this->id ); $comment_id = wp_insert_comment( $comment_data ); return $comment_id; } /** * Log the delivery request/response. * * @since 2.2 * @param int $delivery_id previously created comment ID * @param array $request request data * @param array|WP_Error $response response data * @param float $duration request duration */ public function log_delivery( $delivery_id, $request, $response, $duration ) { // save request data add_comment_meta( $delivery_id, '_request_method', $request['method'] ); add_comment_meta( $delivery_id, '_request_headers', array_merge( array( 'User-Agent' => $request['user-agent'] ), $request['headers'] ) ); add_comment_meta( $delivery_id, '_request_body', wp_slash( $request['body'] ) ); // parse response if ( is_wp_error( $response ) ) { $response_code = $response->get_error_code(); $response_message = $response->get_error_message(); $response_headers = array(); $response_body = ''; } else { $response_code = wp_remote_retrieve_response_code( $response ); $response_message = wp_remote_retrieve_response_message( $response ); $response_headers = wp_remote_retrieve_headers( $response ); $response_body = wp_remote_retrieve_body( $response ); } // save response data add_comment_meta( $delivery_id, '_response_code', $response_code ); add_comment_meta( $delivery_id, '_response_message', $response_message ); add_comment_meta( $delivery_id, '_response_headers', $response_headers ); add_comment_meta( $delivery_id, '_response_body', $response_body ); // save duration add_comment_meta( $delivery_id, '_duration', $duration ); // set a summary for quick display $args = array( 'comment_ID' => $delivery_id, 'comment_content' => sprintf( 'HTTP %s %s: %s', $response_code, $response_message, $response_body ), ); wp_update_comment( $args ); // track failures if ( intval( $response_code ) >= 200 && intval( $response_code ) < 300 ) { delete_post_meta( $this->id, '_failure_count' ); } else { $this->failed_delivery(); } // keep the 25 most recent delivery logs $log = wp_count_comments( $this->id ); if ( $log->total_comments > apply_filters( 'woocommerce_max_webhook_delivery_logs', 25 ) ) { global $wpdb; $comment_id = $wpdb->get_var( $wpdb->prepare( "SELECT comment_ID FROM {$wpdb->comments} WHERE comment_post_ID = %d ORDER BY comment_date_gmt ASC LIMIT 1", $this->id ) ); if ( $comment_id ) { wp_delete_comment( $comment_id, true ); } } } /** * Track consecutive delivery failures and automatically disable the webhook. * if more than 5 consecutive failures occur. A failure is defined as a. * non-2xx response. * * @since 2.2 */ private function failed_delivery() { $failures = $this->get_failure_count(); if ( $failures > apply_filters( 'woocommerce_max_webhook_delivery_failures', 5 ) ) { $this->update_status( 'disabled' ); } else { update_post_meta( $this->id, '_failure_count', ++$failures ); } } /** * Get the delivery logs for this webhook. * * @since 2.2 * @return array */ public function get_delivery_logs() { $args = array( 'post_id' => $this->id, 'status' => 'approve', 'type' => 'webhook_delivery', ); remove_filter( 'comments_clauses', array( 'WC_Comments', 'exclude_webhook_comments' ), 10, 1 ); $logs = get_comments( $args ); add_filter( 'comments_clauses', array( 'WC_Comments', 'exclude_webhook_comments' ), 10, 1 ); $delivery_logs = array(); foreach ( $logs as $log ) { $log = $this->get_delivery_log( $log->comment_ID ); $delivery_logs[] = ( ! empty( $log ) ? $log : array() ); } return $delivery_logs; } /** * Get the delivery log specified by the ID. The delivery log includes: * * + duration * + summary * + request method/url * + request headers/body * + response code/message/headers/body * * @since 2.2 * @param int $delivery_id * @return bool|array false if invalid delivery ID, array of log data otherwise */ public function get_delivery_log( $delivery_id ) { $log = get_comment( $delivery_id ); // valid comment and ensure delivery log belongs to this webhook if ( is_null( $log ) || $log->comment_post_ID != $this->id ) { return false; } $delivery_log = array( 'id' => intval( $delivery_id ), 'duration' => get_comment_meta( $delivery_id, '_duration', true ), 'summary' => $log->comment_content, 'request_method' => get_comment_meta( $delivery_id, '_request_method', true ), 'request_url' => $this->get_delivery_url(), 'request_headers' => get_comment_meta( $delivery_id, '_request_headers', true ), 'request_body' => get_comment_meta( $delivery_id, '_request_body', true ), 'response_code' => get_comment_meta( $delivery_id, '_response_code', true ), 'response_message' => get_comment_meta( $delivery_id, '_response_message', true ), 'response_headers' => get_comment_meta( $delivery_id, '_response_headers', true ), 'response_body' => get_comment_meta( $delivery_id, '_response_body', true ), 'comment' => $log, ); return apply_filters( 'woocommerce_webhook_delivery_log', $delivery_log, $delivery_id, $this->id ); } /** * Set the webhook topic and associated hooks. The topic resource & event. * are also saved separately. * * @since 2.2 * @param string $topic */ public function set_topic( $topic ) { $topic = strtolower( $topic ); list( $resource, $event ) = explode( '.', $topic ); update_post_meta( $this->id, '_topic', $topic ); update_post_meta( $this->id, '_resource', $resource ); update_post_meta( $this->id, '_event', $event ); // custom topics are mapped to a single hook if ( 'action' === $resource ) { update_post_meta( $this->id, '_hooks', array( $event ) ); } else { // API topics have multiple hooks update_post_meta( $this->id, '_hooks', $this->get_topic_hooks( $topic ) ); } } /** * Get the associated hook names for a topic. * * @since 2.2 * @param string $topic * @return array hook names */ private function get_topic_hooks( $topic ) { $topic_hooks = array( 'coupon.created' => array( 'woocommerce_process_shop_coupon_meta', 'woocommerce_new_coupon', ), 'coupon.updated' => array( 'woocommerce_process_shop_coupon_meta', 'woocommerce_update_coupon', ), 'coupon.deleted' => array( 'wp_trash_post', ), 'coupon.restored' => array( 'untrashed_post', ), 'customer.created' => array( 'user_register', 'woocommerce_created_customer', 'woocommerce_new_customer', ), 'customer.updated' => array( 'profile_update', 'woocommerce_update_customer', ), 'customer.deleted' => array( 'delete_user', ), 'order.created' => array( 'woocommerce_process_shop_order_meta', 'woocommerce_new_order', ), 'order.updated' => array( 'woocommerce_process_shop_order_meta', 'woocommerce_update_order', ), 'order.deleted' => array( 'wp_trash_post', ), 'order.restored' => array( 'untrashed_post', ), 'product.created' => array( 'woocommerce_process_product_meta', 'woocommerce_new_product', 'woocommerce_new_product_variation', ), 'product.updated' => array( 'woocommerce_process_product_meta', 'woocommerce_update_product', 'woocommerce_update_product_variation', ), 'product.deleted' => array( 'wp_trash_post', ), 'product.restored' => array( 'untrashed_post', ), ); $topic_hooks = apply_filters( 'woocommerce_webhook_topic_hooks', $topic_hooks, $this ); return isset( $topic_hooks[ $topic ] ) ? $topic_hooks[ $topic ] : array(); } /** * Send a test ping to the delivery URL, sent when the webhook is first created. * * @since 2.2 * @return bool|WP_Error */ public function deliver_ping() { $args = array( 'user-agent' => sprintf( 'WooCommerce/%s Hookshot (WordPress/%s)', WC_VERSION, $GLOBALS['wp_version'] ), 'body' => "webhook_id={$this->id}", ); $test = wp_safe_remote_post( $this->get_delivery_url(), $args ); $response_code = wp_remote_retrieve_response_code( $test ); if ( is_wp_error( $test ) ) { return new WP_Error( 'error', sprintf( __( 'Error: Delivery URL cannot be reached: %s', 'woocommerce' ), $test->get_error_message() ) ); } if ( 200 !== $response_code ) { return new WP_Error( 'error', sprintf( __( 'Error: Delivery URL returned response code: %s', 'woocommerce' ), absint( $response_code ) ) ); } delete_post_meta( $this->id, '_webhook_pending_delivery' ); return true; } /** * Get the webhook status: * * + `active` - delivers payload. * + `paused` - does not deliver payload, paused by admin. * + `disabled` - does not delivery payload, paused automatically due to. * consecutive failures. * * @since 2.2 * @return string status */ public function get_status() { switch ( $this->get_post_data()->post_status ) { case 'publish': $status = 'active'; break; case 'draft': $status = 'paused'; break; case 'pending': $status = 'disabled'; break; default: $status = 'paused'; } return apply_filters( 'woocommerce_webhook_status', $status, $this->id ); } /** * Get the webhook i18n status. * * @return string */ public function get_i18n_status() { $status = $this->get_status(); $statuses = wc_get_webhook_statuses(); return isset( $statuses[ $status ] ) ? $statuses[ $status ] : $status; } /** * Update the webhook status, see get_status() for valid statuses. * * @since 2.2 * @param $status */ public function update_status( $status ) { global $wpdb; switch ( $status ) { case 'active' : $post_status = 'publish'; break; case 'paused' : $post_status = 'draft'; break; case 'disabled' : $post_status = 'pending'; break; default : $post_status = 'draft'; break; } $wpdb->update( $wpdb->posts, array( 'post_status' => $post_status ), array( 'ID' => $this->id ) ); clean_post_cache( $this->id ); } /** * Set the delivery URL. * * @since 2.2 * @param string $url */ public function set_delivery_url( $url ) { if ( update_post_meta( $this->id, '_delivery_url', esc_url_raw( $url, array( 'http', 'https' ) ) ) ) { update_post_meta( $this->id, '_webhook_pending_delivery', true ); } } /** * Get the delivery URL. * * @since 2.2 * @return string */ public function get_delivery_url() { return apply_filters( 'woocommerce_webhook_delivery_url', $this->delivery_url, $this->id ); } /** * Set the secret used for generating the HMAC-SHA256 signature. * * @since 2.2 * @param string $secret */ public function set_secret( $secret ) { update_post_meta( $this->id, '_secret', $secret ); } /** * Get the secret used for generating the HMAC-SHA256 signature. * * @since 2.2 * @return string */ public function get_secret() { return apply_filters( 'woocommerce_webhook_secret', $this->secret, $this->id ); } /** * Get the friendly name for the webhook. * * @since 2.2 * @return string */ public function get_name() { return apply_filters( 'woocommerce_webhook_name', $this->get_post_data()->post_title, $this->id ); } /** * Get the webhook topic, e.g. `order.created`. * * @since 2.2 * @return string */ public function get_topic() { return apply_filters( 'woocommerce_webhook_topic', $this->topic, $this->id ); } /** * Get the hook names for the webhook. * * @since 2.2 * @return array hook names */ public function get_hooks() { return apply_filters( 'woocommerce_webhook_hooks', $this->hooks, $this->id ); } /** * Get the resource for the webhook, e.g. `order`. * * @since 2.2 * @return string */ public function get_resource() { return apply_filters( 'woocommerce_webhook_resource', $this->resource, $this->id ); } /** * Get the event for the webhook, e.g. `created`. * * @since 2.2 * @return string */ public function get_event() { return apply_filters( 'woocommerce_webhook_event', $this->event, $this->id ); } /** * Get the failure count. * * @since 2.2 * @return int */ public function get_failure_count() { return intval( $this->failure_count ); } /** * Get the user ID for this webhook. * * @since 2.2 * @return int|string user ID */ public function get_user_id() { return $this->get_post_data()->post_author; } /** * Get the post data for the webhook. * * @since 2.2 * @return null|WP_Post */ public function get_post_data() { return $this->post_data; } /** * Set API version. * * @since 3.0.0 * @param string $version REST API version. */ public function set_api_version( $version ) { $versions = array( 'wp_api_v2', 'wp_api_v1', 'legacy_v3', ); if ( ! in_array( $version, $versions, true ) ) { $version = 'wp_api_v2'; } update_post_meta( $this->id, '_api_version', $version ); } /** * API version. * * @since 3.0.0 * @return string */ public function get_api_version() { return $this->api_version ? $this->api_version : 'legacy_v3'; } }