class.jetpack-signature.php — Jetpack – WP Security, Backup, Speed, & Growth 6.7.2

jetpack / class.jetpack-signature.php

jetpack Last commit date

class.jetpack-signature.php

263 lines

1	<?php
2
3	// These constants can be set in wp-config.php to ensure sites behind proxies will still work.
4	// Setting these constants, though, is not the preferred method. It's better to configure
5	// the proxy to send the X-Forwarded-Port header.
6	defined( 'JETPACK_SIGNATURE__HTTP_PORT' ) or define( 'JETPACK_SIGNATURE__HTTP_PORT' , 80 );
7	defined( 'JETPACK_SIGNATURE__HTTPS_PORT' ) or define( 'JETPACK_SIGNATURE__HTTPS_PORT', 443 );
8
9	class Jetpack_Signature {
10	public $token;
11	public $secret;
12
13	function __construct( $access_token, $time_diff = 0 ) {
14	$secret = explode( '.', $access_token );
15	if ( 2 != count( $secret ) )
16	return;
17
18	$this->token = $secret[0];
19	$this->secret = $secret[1];
20	$this->time_diff = $time_diff;
21	}
22
23	function sign_current_request( $override = array() ) {
24	if ( isset( $override['scheme'] ) ) {
25	$scheme = $override['scheme'];
26	if ( !in_array( $scheme, array( 'http', 'https' ) ) ) {
27	return new Jetpack_Error( 'invalid_scheme', 'Invalid URL scheme' );
28	}
29	} else {
30	if ( is_ssl() ) {
31	$scheme = 'https';
32	} else {
33	$scheme = 'http';
34	}
35	}
36
37	$host_port = isset( $_SERVER['HTTP_X_FORWARDED_PORT'] ) ? $_SERVER['HTTP_X_FORWARDED_PORT'] : $_SERVER['SERVER_PORT'];
38
39	if ( is_ssl() ) {
40	// 443: Standard Port
41	// 80: Assume we're behind a proxy without X-Forwarded-Port. Hardcoding "80" here means most sites
42	// with SSL termination proxies (self-served, Cloudflare, etc.) don't need to fiddle with
43	// the JETPACK_SIGNATURE__HTTPS_PORT constant. The code also implies we can't talk to a
44	// site at https://example.com:80/ (which would be a strange configuration).
45	// JETPACK_SIGNATURE__HTTPS_PORT: Set this constant in wp-config.php to the back end webserver's port
46	// if the site is behind a proxy running on port 443 without
47	// X-Forwarded-Port and the back end's port is not 80. It's better,
48	// though, to configure the proxy to send X-Forwarded-Port.
49	$port = in_array( $host_port, array( 443, 80, JETPACK_SIGNATURE__HTTPS_PORT ) ) ? '' : $host_port;
50	} else {
51	// 80: Standard Port
52	// JETPACK_SIGNATURE__HTTPS_PORT: Set this constant in wp-config.php to the back end webserver's port
53	// if the site is behind a proxy running on port 80 without
54	// X-Forwarded-Port. It's better, though, to configure the proxy to
55	// send X-Forwarded-Port.
56	$port = in_array( $host_port, array( 80, JETPACK_SIGNATURE__HTTP_PORT ) ) ? '' : $host_port;
57	}
58
59	$url = "{$scheme}://{$_SERVER['HTTP_HOST']}:{$port}" . stripslashes( $_SERVER['REQUEST_URI'] );
60
61	if ( array_key_exists( 'body', $override ) && ! empty( $override['body'] ) ) {
62	$body = $override['body'];
63	} else if ( 'POST' == strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
64	$body = isset( $GLOBALS['HTTP_RAW_POST_DATA'] ) ? $GLOBALS['HTTP_RAW_POST_DATA'] : null;
65
66	// Convert the $_POST to the body, if the body was empty. This is how arrays are hashed
67	// and encoded on the Jetpack side.
68	if ( defined( 'IS_WPCOM' ) && IS_WPCOM ) {
69	if ( empty( $body ) && is_array( $_POST ) && count( $_POST ) > 0 ) {
70	$body = $_POST;
71	}
72	}
73	} else if ( 'PUT' == strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
74	// This is a little strange-looking, but there doesn't seem to be another way to get the PUT body
75	$raw_put_data = file_get_contents( 'php://input' );
76	parse_str( $raw_put_data, $body );
77
78	if ( defined( 'IS_WPCOM' ) && IS_WPCOM ) {
79	$put_data = json_decode( $raw_put_data, true );
80	if ( is_array( $put_data ) && count( $put_data ) > 0 ) {
81	$body = $put_data;
82	}
83	}
84	} else {
85	$body = null;
86	}
87
88	if ( empty( $body ) ) {
89	$body = null;
90	}
91
92	$a = array();
93	foreach ( array( 'token', 'timestamp', 'nonce', 'body-hash' ) as $parameter ) {
94	if ( isset( $override[$parameter] ) ) {
95	$a[$parameter] = $override[$parameter];
96	} else {
97	$a[$parameter] = isset( $_GET[$parameter] ) ? stripslashes( $_GET[$parameter] ) : '';
98	}
99	}
100
101	$method = isset( $override['method'] ) ? $override['method'] : $_SERVER['REQUEST_METHOD'];
102	return $this->sign_request( $a['token'], $a['timestamp'], $a['nonce'], $a['body-hash'], $method, $url, $body, true );
103	}
104
105	// body_hash v. body-hash is annoying. Refactor to accept an array?
106	function sign_request( $token = '', $timestamp = 0, $nonce = '', $body_hash = '', $method = '', $url = '', $body = null, $verify_body_hash = true ) {
107	if ( !$this->secret ) {
108	return new Jetpack_Error( 'invalid_secret', 'Invalid secret' );
109	}
110
111	if ( !$this->token ) {
112	return new Jetpack_Error( 'invalid_token', 'Invalid token' );
113	}
114
115	list( $token ) = explode( '.', $token );
116
117	if ( 0 !== strpos( $token, "$this->token:" ) ) {
118	return new Jetpack_Error( 'token_mismatch', 'Incorrect token' );
119	}
120
121	// If we got an array at this point, let's encode it, so we can see what it looks like as a string.
122	if ( is_array( $body ) ) {
123	if ( count( $body ) > 0 ) {
124	$body = json_encode( $body );
125
126	} else {
127	$body = '';
128	}
129	}
130
131	$required_parameters = array( 'token', 'timestamp', 'nonce', 'method', 'url' );
132	if ( !is_null( $body ) ) {
133	$required_parameters[] = 'body_hash';
134	if ( !is_string( $body ) ) {
135	return new Jetpack_Error( 'invalid_body', 'Body is malformed.' );
136	}
137	}
138
139	foreach ( $required_parameters as $required ) {
140	if ( !is_scalar( $$required ) ) {
141	return new Jetpack_Error( 'invalid_signature', sprintf( 'The required "%s" parameter is malformed.', str_replace( '_', '-', $required ) ) );
142	}
143
144	if ( !strlen( $$required ) ) {
145	return new Jetpack_Error( 'invalid_signature', sprintf( 'The required "%s" parameter is missing.', str_replace( '_', '-', $required ) ) );
146	}
147	}
148
149	if ( empty( $body ) ) {
150	if ( $body_hash ) {
151	return new Jetpack_Error( 'invalid_body_hash', 'The body hash does not match.' );
152	}
153	} else {
154	if ( $verify_body_hash && jetpack_sha1_base64( $body ) !== $body_hash ) {
155	return new Jetpack_Error( 'invalid_body_hash', 'The body hash does not match.' );
156	}
157	}
158
159	$parsed = parse_url( $url );
160	if ( !isset( $parsed['host'] ) ) {
161	return new Jetpack_Error( 'invalid_signature', sprintf( 'The required "%s" parameter is malformed.', 'url' ) );
162	}
163
164	if ( !empty( $parsed['port'] ) ) {
165	$port = $parsed['port'];
166	} else {
167	if ( 'http' == $parsed['scheme'] ) {
168	$port = 80;
169	} else if ( 'https' == $parsed['scheme'] ) {
170	$port = 443;
171	} else {
172	return new Jetpack_Error( 'unknown_scheme_port', "The scheme's port is unknown" );
173	}
174	}
175
176	if ( !ctype_digit( "$timestamp" ) \|\| 10 < strlen( $timestamp ) ) { // If Jetpack is around in 275 years, you can blame mdawaffe for the bug.
177	return new Jetpack_Error( 'invalid_signature', sprintf( 'The required "%s" parameter is malformed.', 'timestamp' ) );
178	}
179
180	$local_time = $timestamp - $this->time_diff;
181	if ( $local_time < time() - 600 \|\| $local_time > time() + 300 ) {
182	return new Jetpack_Error( 'invalid_signature', 'The timestamp is too old.' );
183	}
184
185	if ( 12 < strlen( $nonce ) \|\| preg_match( '/[^a-zA-Z0-9]/', $nonce ) ) {
186	return new Jetpack_Error( 'invalid_signature', sprintf( 'The required "%s" parameter is malformed.', 'nonce' ) );
187	}
188
189	$normalized_request_pieces = array(
190	$token,
191	$timestamp,
192	$nonce,
193	$body_hash,
194	strtoupper( $method ),
195	strtolower( $parsed['host'] ),
196	$port,
197	$parsed['path'],
198	// Normalized Query String
199	);
200
201	$normalized_request_pieces = array_merge( $normalized_request_pieces, $this->normalized_query_parameters( isset( $parsed['query'] ) ? $parsed['query'] : '' ) );
202	$flat_normalized_request_pieces = array();
203	foreach ($normalized_request_pieces as $piece) {
204	if ( is_array( $piece ) ) {
205	foreach ( $piece as $subpiece ) {
206	$flat_normalized_request_pieces[] = $subpiece;
207	}
208	} else {
209	$flat_normalized_request_pieces[] = $piece;
210	}
211	}
212	$normalized_request_pieces = $flat_normalized_request_pieces;
213
214	$normalized_request_string = join( "\n", $normalized_request_pieces ) . "\n";
215
216	return base64_encode( hash_hmac( 'sha1', $normalized_request_string, $this->secret, true ) );
217	}
218
219	function normalized_query_parameters( $query_string ) {
220	parse_str( $query_string, $array );
221	if ( get_magic_quotes_gpc() )
222	$array = stripslashes_deep( $array );
223
224	unset( $array['signature'] );
225
226	$names = array_keys( $array );
227	$values = array_values( $array );
228
229	$names = array_map( array( $this, 'encode_3986' ), $names );
230	$values = array_map( array( $this, 'encode_3986' ), $values );
231
232	$pairs = array_map( array( $this, 'join_with_equal_sign' ), $names, $values );
233
234	sort( $pairs );
235
236	return $pairs;
237	}
238
239	function encode_3986( $string_or_array ) {
240	if ( is_array( $string_or_array ) ) {
241	return array_map( array( $this, 'encode_3986' ), $string_or_array );
242	}
243
244	$string_or_array = rawurlencode( $string_or_array );
245	return str_replace( '%7E', '~', $string_or_array ); // prior to PHP 5.3, rawurlencode was RFC 1738
246	}
247
248	function join_with_equal_sign( $name, $value ) {
249	if ( is_array( $value ) ) {
250	$result = array();
251	foreach ( $value as $array_key => $array_value ) {
252	$result[] = $name . '[' . $array_key . ']' . '=' . $array_value;
253	}
254	return $result;
255	}
256	return "{$name}={$value}";
257	}
258	}
259
260	function jetpack_sha1_base64( $text ) {
261	return base64_encode( sha1( $text, true ) );
262	}
263