PluginProbe ʕ •ᴥ•ʔ
WooCommerce / 10.9.1
WooCommerce v10.9.1
10.9.4 10.9.3 10.9.2 10.9.1 10.9.0 10.9.0-rc.1 10.9.0-beta.2 10.9.0-beta.1 10.8.1 10.8.0 10.8.0-rc.1 10.8.0-beta.2 10.8.0-beta.1 7.8.0-beta.1 7.8.0-beta.2 7.8.0-rc.1 7.8.0-rc.2 7.8.1 7.8.2 7.8.3 7.8.4 7.9.0 7.9.0-beta.1 7.9.0-beta.2 7.9.0-rc.2 7.9.0-rc.3 7.9.1 7.9.2 8.0.0 8.0.0-beta.1 8.0.0-beta.2 8.0.0-rc.1 8.0.0-rc.2 8.0.1 8.0.2 8.0.3 8.0.4 8.0.5 8.1.0 8.1.0-beta.1 8.1.0-rc.1 8.1.0-rc.2 8.1.1 8.1.2 8.1.3 8.1.4 8.2.0 8.2.0-beta.1 8.2.0-rc.1 8.2.0-rc.2 8.2.1 8.2.2 8.2.3 8.2.4 8.2.5 8.3.0 8.3.0-beta.1 8.3.0-rc.1 8.3.0-rc.2 8.3.1 8.3.2 8.3.3 8.3.4 8.4.0 8.4.0-beta.1 8.4.0-rc.1 8.4.1 8.4.2 8.4.3 8.5.0 8.5.0-beta.1 8.5.0-rc.1 8.5.1 8.5.2 8.5.3 8.5.4 8.5.5 8.6.0 8.6.0-beta.1 8.6.0-rc.1 8.6.1 8.6.2 8.6.3 8.6.4 8.7.0 8.7.0-beta.1 8.7.0-beta.2 8.7.0-rc.1 8.7.1 8.7.2 8.7.3 8.8.0 8.8.0-beta.1 8.8.0-rc.1 8.8.1 8.8.2 8.8.3 8.8.4 8.8.5 8.8.6 8.8.7 8.9.0 8.9.0-beta.1 8.9.0-rc.1 8.9.1 8.9.2 8.9.3 8.9.4 8.9.5 9.0.0 9.0.0-beta.1 9.0.0-beta.2 9.0.0-rc.1 9.0.1 9.0.2 9.0.3 9.0.4 9.1.0 9.1.0-beta.1 9.1.0-rc.1 9.1.1 9.1.2 9.1.3 9.1.4 9.1.5 9.1.6 9.2.0 9.2.0-beta.1 9.2.0-rc.1 9.2.1 9.2.2 9.2.3 9.2.4 9.2.5 9.3.0 9.3.0-beta.1 9.3.0-rc.1 9.3.1 9.3.2 9.3.3 9.3.4 9.3.5 9.3.6 9.4.0 9.4.0-beta.1 9.4.0-beta.2 9.4.0-rc.1 9.4.0-rc.2 9.4.0-rc.3 9.4.0-rc.4 9.4.1 9.4.2 9.4.3 9.4.4 9.4.5 9.5.0 9.5.0-beta.1 9.5.0-beta.2 9.5.0-rc.1 9.5.1 9.5.2 9.5.3 9.5.4 9.6.0 9.6.0-beta.1 9.6.0-beta.2 9.6.0-rc.1 9.6.1 9.6.2 9.6.3 9.6.4 9.7.0 9.7.0-beta.1 9.7.0-rc.1 9.7.1 9.7.2 9.7.3 9.8.0 9.8.0-beta.1 9.8.0-rc.1 9.8.1 9.8.2 9.8.3 9.8.4 9.8.5 9.8.6 9.8.7 9.9.0 9.9.0-beta.1 9.9.0-rc.1 9.9.1 9.9.2 9.9.3 9.9.4 9.9.5 9.9.6 9.9.7 3.7.3 7.1.2 3.8.0 7.2.0 3.8.0-beta.1 7.2.0-beta.1 3.8.0-rc.1 7.2.0-beta.2 3.8.0-rc.2 7.2.0-rc.1 3.8.1 7.2.0-rc.2 3.8.2 7.2.1 3.8.3 7.2.2 3.9.0 7.2.3 3.9.0-beta.1 7.2.4 3.9.0-beta.2 7.3.0 3.9.0-rc.1 7.3.0-beta.1 3.9.0-rc.2 7.3.0-beta.2 3.9.0-rc.3 7.3.0-rc.1 3.9.0-rc.4 7.3.0-rc.2 3.9.1 7.3.1 3.9.2 7.4.0 3.9.3 7.4.0-beta.1 3.9.4 7.4.0-beta.2 3.9.5 7.4.0-rc.1 4.0.0 7.4.0-rc.2 4.0.0-beta.1 7.4.1 4.0.0-rc.1 7.4.2 4.0.0-rc.2 7.5.0 4.0.1 7.5.0-beta.1 4.0.2 7.5.0-beta.2 4.0.3 7.5.0-rc.1 4.0.4 7.5.1 4.1.0 7.5.2 4.1.0-beta.1 7.6.0 4.1.0-beta.2 7.6.0-beta.1 4.1.0-rc.1 7.6.0-beta.2 4.1.0-rc.2 7.6.0-rc.1 4.1.1 7.6.0-rc.2 4.1.2 7.6.0-rc.3 4.1.3 7.6.1 4.1.4 7.6.2 4.2.0 7.7.0 4.2.0-RC.1 7.7.0-beta.1 4.2.0-RC.2 7.7.0-beta.2 4.2.0-beta.1 7.7.0-rc.1 4.2.1 7.7.1 4.2.2 7.7.2 4.2.3 7.7.3 4.2.4 7.8.0 4.2.5 4.3.0 4.3.0-beta.1 4.3.0-rc.1 4.3.0-rc.2 4.3.0-rc.3 4.3.1 4.3.2 4.3.3 4.3.4 4.3.5 4.3.6 4.4.0 4.4.0-beta.1 4.4.0-rc.1 4.4.1 4.4.2 4.4.3 4.4.4 4.5.0 4.5.0-beta.1 4.5.0-rc.1 4.5.0-rc.3 4.5.1 4.5.2 4.5.3 4.5.4 4.5.5 4.6.0 4.6.0-beta.1 4.6.0-rc.1 4.6.1 4.6.2 4.6.3 4.6.4 4.6.5 4.7.0 4.7.0-beta.1 4.7.0-beta.2 4.7.0-rc.1 4.7.1 4.7.1-beta.1 4.7.2 4.7.3 4.7.4 4.8.0 4.8.0-beta.1 4.8.0-rc.1 4.8.0-rc.2 4.8.1 4.8.2 4.8.3 4.9.0 4.9.0-beta.1 4.9.0-rc.1 4.9.0-rc.2 4.9.1 4.9.2 4.9.3 4.9.4 4.9.5 5.0.0 5.0.0-beta.1 5.0.0-beta.2 5.0.0-rc.1 5.0.0-rc.2 5.0.0-rc.3 5.0.1 5.0.2 5.0.3 5.1.0 5.1.0-beta.1 5.1.0-rc.1 trunk 5.1.1 10.0.0 5.1.2 10.0.0-rc.1 5.1.3 10.0.0-rc.2 5.2.0 10.0.1 5.2.0-beta.1 10.0.2 5.2.0-rc.1 10.0.3 5.2.0-rc.2 10.0.4 5.2.1 10.0.5 5.2.2 10.0.6 5.2.3 10.1.0 5.2.4 10.1.0-rc.1 5.2.5 10.1.0-rc.2 5.3.0 10.1.0-rc.3 5.3.0-beta.1 10.1.0-rc.4 5.3.0-rc.1 10.1.1 5.3.0-rc.2 10.1.2 5.3.1 10.1.3 5.3.2 10.1.4 5.3.3 10.2.0 5.4.0 10.2.0-beta.1 5.4.0-beta.1 10.2.0-beta.2 5.4.0-rc.1 10.2.0-rc.1 5.4.1 10.2.1 5.4.2 10.2.2 5.4.3 10.2.3 5.4.4 10.2.4 5.4.5 10.3.0 5.5.0 10.3.0-beta.1 5.5.0-beta.1 10.3.0-beta.2 5.5.0-rc.1 10.3.0-rc.1 5.5.0-rc.2 10.3.0-rc.2 5.5.1 10.3.1 5.5.2 10.3.2 5.5.3 10.3.3 5.5.4 10.3.4 5.5.5 10.3.5 5.6.0 10.3.6 5.6.0-beta.1 10.3.7 5.6.0-rc.1 10.3.8 5.6.0-rc.2 10.4.0 5.6.1 10.4.0-beta.1 5.6.2 10.4.0-beta.2 5.6.3 10.4.0-rc.1 5.7.0 10.4.1 5.7.0-beta.1 10.4.2 5.7.0-rc.1 10.4.3 5.7.1 10.4.4 5.7.2 10.5.0 5.7.3 10.5.0-beta.1 5.8.0 10.5.0-beta.2 5.8.0-beta.1 10.5.0-rc.1 5.8.0-beta.2 10.5.0-rc.2 5.8.0-rc.1 10.5.0-rc.3 5.8.1 10.5.1 5.8.2 10.5.2 5.9.0 10.5.3 5.9.0-beta.1 10.6.0 5.9.0-rc.1 10.6.0-beta.1 5.9.0-rc.2 10.6.0-beta.2 5.9.1 10.6.0-rc.1 5.9.2 10.6.1 6.0.0 10.6.2 6.0.0-beta.1 10.7.0 6.0.0-rc.1 10.7.0-beta.1 6.0.1 10.7.0-beta.2 6.0.2 10.7.0-rc.1 6.1.0 3.0.0 6.1.0-beta.1 3.0.1 6.1.0-rc.1 3.0.2 6.1.0-rc.2 3.0.3 6.1.1 3.0.4 6.1.2 3.0.5 6.1.3 3.0.6 6.2.0 3.0.7 6.2.0-beta.1 3.0.8 6.2.0-rc.1 3.0.9 6.2.0-rc.2 3.1.0 6.2.1 3.1.1 6.2.2 3.1.2 6.2.3 3.2.0 6.3.0 3.2.1 6.3.0-beta.1 3.2.2 6.3.0-rc.1 3.2.3 6.3.0-rc.2 3.2.4 6.3.1 3.2.5 6.3.2 3.2.6 6.4.0 3.3.0 6.4.0-beta.1 3.3.1 6.4.0-rc.1 3.3.2 6.4.1 3.3.2-rc.1 6.4.2 3.3.3 6.5.0 3.3.4 6.5.0-beta.1 3.3.5 6.5.0-rc.1 3.3.6 6.5.0-rc.2 3.4.0 6.5.1 3.4.0-beta.1 6.5.2 3.4.0-rc.2 6.6.0 3.4.1 6.6.0-beta.1 3.4.2 6.6.0-rc.1 3.4.3 6.6.0-rc.2 3.4.4 6.6.1 3.4.5 6.6.2 3.4.6 6.7.0 3.4.7 6.7.0-beta.1 3.4.8 6.7.0-beta.2 3.5.0 6.7.0-rc.1 3.5.0-beta.1 6.7.1 3.5.0-rc.1 6.8.0 3.5.0-rc.2 6.8.0-beta.1 3.5.1 6.8.0-beta.2 3.5.10 6.8.0-rc.1 3.5.2 6.8.1 3.5.3 6.8.2 3.5.4 6.8.3 3.5.5 6.9.0 3.5.6 6.9.0-beta.1 3.5.7 6.9.0-beta.2 3.5.8 6.9.0-rc.1 3.5.9 6.9.1 3.6.0 6.9.2 3.6.0-beta.1 6.9.3 3.6.0-rc.1 6.9.4 3.6.0-rc.2 6.9.5 3.6.0-rc.3 7.0.0 3.6.1 7.0.0-beta.1 3.6.2 7.0.0-beta.2 3.6.3 7.0.0-beta.3 3.6.4 7.0.0-rc.1 3.6.5 7.0.0-rc.2 3.6.6 7.0.1 3.6.7 7.0.2 3.7.0 7.1.0 3.7.0-beta.1 7.1.0-beta.1 3.7.0-rc.1 7.1.0-beta.2 3.7.0-rc.2 7.1.0-rc.1 3.7.1 7.1.0-rc.2 3.7.2 7.1.1
woocommerce / src / Internal / PushNotifications / Validators / PushTokenValidator.php
woocommerce / src / Internal / PushNotifications / Validators Last commit date
PushTokenValidator.php 3 months ago
PushTokenValidator.php
435 lines
1 <?php
2 /**
3 * PushTokenValidator class file.
4 */
5
6 declare( strict_types = 1 );
7
8 namespace Automattic\WooCommerce\Internal\PushNotifications\Validators;
9
10 defined( 'ABSPATH' ) || exit;
11
12 use Automattic\WooCommerce\Internal\PushNotifications\Entities\PushToken;
13 use WP_Error;
14
15 // phpcs:disable Generic.CodeAnalysis.UnusedFunctionParameter.FoundAfterLastUsed
16
17 /**
18 * Validator class for push tokens.
19 *
20 * @since 10.6.0
21 */
22 class PushTokenValidator {
23 const VALIDATABLE_FIELDS = array(
24 'id',
25 'user_id',
26 'origin',
27 'device_uuid',
28 'device_locale',
29 'platform',
30 'token',
31 'metadata',
32 );
33
34 /**
35 * The error code to return in WP_Errors.
36 *
37 * @since 10.6.0
38 */
39 const ERROR_CODE = 'woocommerce_invalid_data';
40
41 /**
42 * Validates device locale format:
43 * - language code (2–3 lowercase letters)
44 * - optionally followed by underscore and region code (2 uppercase letters)
45 *
46 * We don't have access to a locale dictionary to check valid locales, but
47 * it's important to note that we do not support country codes here, ONLY
48 * valid locales. Some languages have valid 2 and 3 character locales (like
49 * Japanese - ja, Arabic - ar, Asturian - ast), which is what this regex
50 * reflects.
51 */
52 const DEVICE_LOCALE_FORMAT = '/^(?<language>[a-z]{2,3})(?:_(?<region>[A-Z]{2}))?$/';
53
54 /**
55 * The regex to use when validating device UUID format.
56 *
57 * @since 10.6.0
58 */
59 const DEVICE_UUID_FORMAT = '/^[A-Za-z0-9._:-]+$/';
60
61 /**
62 * The length to validate the device UUID against.
63 *
64 * @since 10.6.0
65 */
66 const DEVICE_UUID_MAXIMUM_LENGTH = 255;
67
68 /**
69 * The length to validate the token against.
70 *
71 * @since 10.6.0
72 */
73 const TOKEN_MAXIMUM_LENGTH = 4096;
74
75 /**
76 * The regex to use when validating Apple token format.
77 *
78 * @since 10.6.0
79 */
80 const TOKEN_FORMAT_APPLE = '/^[A-Fa-f0-9]{64}$/';
81
82 /**
83 * The regex to use when validating Android token format.
84 *
85 * @since 10.6.0
86 */
87 const TOKEN_FORMAT_ANDROID = '/^[A-Za-z0-9=:_\-+\/]+$/';
88
89 /**
90 * Validates the fields defined in `$fields`, or all the list of known
91 * fields if `$fields` is empty.
92 *
93 * @since 10.6.0
94 *
95 * @param array $data The data to be validated.
96 * @param array $fields The fields to validate.
97 * @return bool|WP_Error
98 */
99 public static function validate( array $data, ?array $fields = array() ) {
100 $fields = empty( $fields ) ? self::VALIDATABLE_FIELDS : $fields;
101
102 foreach ( $fields as $field ) {
103 $method = 'validate_' . $field;
104
105 if ( ! method_exists( self::class, $method ) ) {
106 return new WP_Error(
107 'woocommerce_invalid_data',
108 sprintf( 'Can\'t validate param \'%s\' as a validator does not exist for it.', $field )
109 );
110 }
111
112 $result = self::$method( $data[ $field ] ?? null, $data );
113
114 if ( is_wp_error( $result ) ) {
115 return $result;
116 }
117 }
118
119 return true;
120 }
121
122 /**
123 * Validates ID.
124 *
125 * @since 10.6.0
126 *
127 * @param mixed $value The value to validate.
128 * @param array|null $context An array of other values included as context for the validation.
129 * @return bool|WP_Error
130 */
131 private static function validate_id( $value, ?array $context = array() ) {
132 if ( is_null( $value ) ) {
133 return new WP_Error( self::ERROR_CODE, 'ID is required.' );
134 }
135
136 if ( ! is_numeric( $value ) ) {
137 return new WP_Error( self::ERROR_CODE, 'ID must be numeric.' );
138 }
139
140 if ( $value <= 0 ) {
141 return new WP_Error( self::ERROR_CODE, 'ID must be a positive integer.' );
142 }
143
144 return true;
145 }
146
147 /**
148 * Validates user ID.
149 *
150 * @since 10.6.0
151 *
152 * @param mixed $value The value to validate.
153 * @param array|null $context An array of other values included as context for the validation.
154 * @return bool|WP_Error
155 */
156 private static function validate_user_id( $value, ?array $context = array() ) {
157 if ( is_null( $value ) ) {
158 return new WP_Error( self::ERROR_CODE, 'User ID is required.' );
159 }
160
161 if ( ! is_numeric( $value ) ) {
162 return new WP_Error( self::ERROR_CODE, 'User ID must be numeric.' );
163 }
164
165 if ( $value <= 0 ) {
166 return new WP_Error( self::ERROR_CODE, 'User ID must be a positive integer.' );
167 }
168
169 return true;
170 }
171
172 /**
173 * Validates origin.
174 *
175 * @since 10.6.0
176 *
177 * @param mixed $value The value to validate.
178 * @param array|null $context An array of other values included as context for the validation.
179 * @return bool|WP_Error
180 */
181 private static function validate_origin( $value, ?array $context = array() ) {
182 if ( is_null( $value ) ) {
183 return new WP_Error( self::ERROR_CODE, 'Origin is required.' );
184 }
185
186 if ( ! is_string( $value ) ) {
187 return new WP_Error( self::ERROR_CODE, 'Origin must be a string.' );
188 }
189
190 $value = trim( $value );
191
192 if ( '' === $value ) {
193 return new WP_Error( self::ERROR_CODE, 'Origin cannot be empty.' );
194 }
195
196 if ( ! in_array( $value, PushToken::ORIGINS, true ) ) {
197 return new WP_Error(
198 self::ERROR_CODE,
199 sprintf( 'Origin must be one of: %s.', implode( ', ', PushToken::ORIGINS ) )
200 );
201 }
202
203 return true;
204 }
205
206 /**
207 * Validates device UUID.
208 *
209 * @since 10.6.0
210 *
211 * @param mixed $value The value to validate.
212 * @param array|null $context An array of other values included as context for the validation.
213 * @return bool|WP_Error
214 */
215 private static function validate_device_uuid( $value, ?array $context = array() ) {
216 /**
217 * We may or may not have platform; if we don't have it, we can skip the
218 * platform-specific checks and allow the platform validation to trigger
219 * the failure.
220 */
221 $maybe_platform = $context['platform'] ?? null;
222
223 if (
224 PushToken::PLATFORM_APPLE === $maybe_platform
225 || PushToken::PLATFORM_ANDROID === $maybe_platform
226 ) {
227 /**
228 * The browser platform doesn't use a device UUID, so we don't need
229 * to check truthiness or format unless the platform is not browser.
230 */
231 if ( is_null( $value ) ) {
232 return new WP_Error( self::ERROR_CODE, 'Device UUID is required.' );
233 }
234
235 if ( ! is_string( $value ) ) {
236 return new WP_Error( self::ERROR_CODE, 'Device UUID must be a string.' );
237 }
238
239 $value = trim( $value );
240
241 if ( '' === $value ) {
242 return new WP_Error( self::ERROR_CODE, 'Device UUID cannot be empty.' );
243 }
244
245 if ( ! preg_match( self::DEVICE_UUID_FORMAT, $value ) ) {
246 return new WP_Error( self::ERROR_CODE, 'Device UUID is an invalid format.' );
247 }
248 }
249
250 if (
251 is_string( $value )
252 && strlen( $value ) > self::DEVICE_UUID_MAXIMUM_LENGTH ) {
253 /**
254 * Check maximum length for all device UUIDs sent, regardless of
255 * platform. We don't know for sure the value is a string as the
256 * check above isn't guaranteed to have run, so ensure it is a
257 * string before evaluating this validation rule.
258 */
259 return new WP_Error(
260 self::ERROR_CODE,
261 sprintf( 'Device UUID exceeds maximum length of %s.', self::DEVICE_UUID_MAXIMUM_LENGTH )
262 );
263 }
264
265 return true;
266 }
267
268 /**
269 * Validates device locale.
270 *
271 * @param mixed $value The value to validate.
272 * @param array|null $context An array of other values included as context for the validation.
273 * @return bool|WP_Error
274 *
275 * @since 10.6.0
276 */
277 private static function validate_device_locale( $value, ?array $context = array() ) {
278 if ( ! isset( $value ) ) {
279 return new WP_Error( self::ERROR_CODE, 'Device locale is required.' );
280 }
281
282 if ( ! is_string( $value ) ) {
283 return new WP_Error( self::ERROR_CODE, 'Device locale must be a string.' );
284 }
285
286 $value = trim( $value );
287
288 if ( '' === $value ) {
289 return new WP_Error( self::ERROR_CODE, 'Device locale cannot be empty.' );
290 }
291
292 if ( ! preg_match( self::DEVICE_LOCALE_FORMAT, $value ) ) {
293 return new WP_Error( self::ERROR_CODE, 'Device locale is an invalid format.' );
294 }
295
296 return true;
297 }
298
299 /**
300 * Validates platform.
301 *
302 * @since 10.6.0
303 *
304 * @param mixed $value The value to validate.
305 * @param array|null $context An array of other values included as context for the validation.
306 * @return bool|WP_Error
307 */
308 private static function validate_platform( $value, ?array $context = array() ) {
309 if ( is_null( $value ) ) {
310 return new WP_Error( self::ERROR_CODE, 'Platform is required.' );
311 }
312
313 if ( ! is_string( $value ) ) {
314 return new WP_Error( self::ERROR_CODE, 'Platform must be a string.' );
315 }
316
317 $value = trim( $value );
318
319 if ( '' === $value ) {
320 return new WP_Error( self::ERROR_CODE, 'Platform cannot be empty.' );
321 }
322
323 if ( ! in_array( $value, PushToken::PLATFORMS, true ) ) {
324 return new WP_Error(
325 self::ERROR_CODE,
326 sprintf( 'Platform must be one of: %s.', implode( ', ', PushToken::PLATFORMS ) )
327 );
328 }
329
330 return true;
331 }
332
333 /**
334 * Validates token value.
335 *
336 * @since 10.6.0
337 *
338 * @param mixed $value The value to validate.
339 * @param array|null $context An array of other values included as context for the validation.
340 * @return bool|WP_Error
341 */
342 private static function validate_token( $value, ?array $context = array() ) {
343 if ( is_null( $value ) ) {
344 return new WP_Error( self::ERROR_CODE, 'Token is required.' );
345 }
346
347 if ( ! is_string( $value ) ) {
348 return new WP_Error( self::ERROR_CODE, 'Token must be a string.' );
349 }
350
351 $value = trim( $value );
352
353 if ( '' === $value ) {
354 return new WP_Error( self::ERROR_CODE, 'Token cannot be empty.' );
355 }
356
357 if ( strlen( $value ) > self::TOKEN_MAXIMUM_LENGTH ) {
358 return new WP_Error(
359 self::ERROR_CODE,
360 sprintf( 'Token exceeds maximum length of %s.', self::TOKEN_MAXIMUM_LENGTH )
361 );
362 }
363
364 if ( ! isset( $context['platform'] ) ) {
365 /**
366 * We don't know how to validate the format as we don't know the
367 * platform, so let the platform validation handle the failure.
368 */
369 return true;
370 }
371
372 if (
373 PushToken::PLATFORM_APPLE === $context['platform']
374 && ! preg_match( self::TOKEN_FORMAT_APPLE, $value )
375 ) {
376 return new WP_Error( self::ERROR_CODE, 'Token is an invalid format.' );
377 }
378
379 if (
380 PushToken::PLATFORM_ANDROID === $context['platform']
381 && ! preg_match( self::TOKEN_FORMAT_ANDROID, $value )
382 ) {
383 return new WP_Error( self::ERROR_CODE, 'Token is an invalid format.' );
384 }
385
386 if ( PushToken::PLATFORM_BROWSER === $context['platform'] ) {
387 $token_object = json_decode( $value, true );
388 $endpoint = $token_object['endpoint'] ?? null;
389
390 if (
391 is_null( $token_object )
392 || json_last_error()
393 || ! isset( $token_object['keys']['auth'] )
394 || ! isset( $token_object['keys']['p256dh'] )
395 || ! $endpoint
396 || ! wp_http_validate_url( (string) $endpoint )
397 || ( wp_parse_url( (string) $endpoint, PHP_URL_SCHEME ) !== 'https' )
398 ) {
399 return new WP_Error( self::ERROR_CODE, 'Token is an invalid format.' );
400 }
401 }
402
403 return true;
404 }
405
406 /**
407 * Validates metadata.
408 *
409 * @param mixed $value The value to validate.
410 * @param array|null $context An array of other values included as context for the validation.
411 * @return bool|WP_Error
412 *
413 * @since 10.6.0
414 */
415 private static function validate_metadata( $value, ?array $context = array() ) {
416 if ( ! isset( $value ) ) {
417 return new WP_Error( self::ERROR_CODE, 'Metadata is required.' );
418 }
419
420 if ( ! is_array( $value ) ) {
421 return new WP_Error( self::ERROR_CODE, 'Metadata must be an array.' );
422 }
423
424 foreach ( $value as $key => $item ) {
425 if ( ! is_scalar( $item ) ) {
426 return new WP_Error( self::ERROR_CODE, 'Metadata items must be scalar values.' );
427 }
428 }
429
430 return true;
431 }
432 }
433
434 // phpcs:enable Generic.CodeAnalysis.UnusedFunctionParameter.FoundAfterLastUsed
435