KGRKJGETMRETU895U-589TY5MIGM5JGB5SDFESFREWTGR54TY
Server : Apache
System : Linux cs317.bluehost.com 4.19.286-203.ELK.el7.x86_64 #1 SMP Wed Jun 14 04:33:55 CDT 2023 x86_64
User : andertr9 ( 1047)
PHP Version : 8.2.18
Disable Function : NONE
Directory :  /opt/wp/plugins/bluehost-wordpress-plugin/inc/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : //opt/wp/plugins/bluehost-wordpress-plugin/inc/AccessToken.php
<?php
/**
 * Class for managing Bluehost access tokens.
 *
 * @package BluehostWordPressPlugin
 */

// phpcs:disable PHPCompatibility.FunctionUse.NewFunctions.random_bytesFound -- WordPress provides a fallback for this function.
// phpcs:disable WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_encode -- We use this for security reasons.

namespace Bluehost;

use Bluehost\ResponseUtilities;
use Bluehost\SiteMeta;

/**
 * Class AccessToken
 *
 * @uses ResponseUtilities, SiteMeta
 */
class AccessToken {

	/**
	 * Check if an access token is stored.
	 *
	 * @return bool
	 */
	public static function has_token() {
		$token = self::get_token();

		return ! empty( $token );
	}

	/**
	 * Get the stored access token, if available.
	 *
	 * @return string Access token or an empty string if not available.
	 */
	public static function get_token() {
		$token      = '';
		$expiration = get_option( 'bluehost_access_token_expiration', 0 );
		if ( $expiration > time() ) {
			$token = get_option( 'bluehost_access_token', '' );
		}

		return (string) $token;
	}

	/**
	 * Save an access token.
	 *
	 * @param string $token      Access token
	 * @param int    $expiration Timestamp of expiration
	 */
	public static function set_token( $token, $expiration ) {
		update_option( 'bluehost_access_token', $token, true );
		update_option( 'bluehost_access_token_expiration', $expiration, true );
	}

	/**
	 * Request an access token.
	 *
	 * @return array|\WP_Error
	 *
	 * @throws \Exception The random_bytes() function may throw an Exception in some cases.
	 */
	public static function request_token() {

		$domain  = SiteMeta::get_domain();
		$site_id = SiteMeta::get_id();

		$hashing_algorithm    = 'sha256';
		$transient_name       = 'authorizations_' . base64_encode( random_bytes( 12 ) );
		$salt                 = random_bytes( 24 );
		$client_secret        = random_bytes( 40 );
		$hashed_client_secret = hash( $hashing_algorithm, $salt . $client_secret, true );
		$transient_value      = sprintf(
			'%s:%s:%s',
			$hashing_algorithm,
			base64_encode( $salt ),
			base64_encode( $hashed_client_secret )
		);

		set_transient( $transient_name, $transient_value, MINUTE_IN_SECONDS );

		return wp_remote_post(
			sprintf( 'https://my.bluehost.com/siteapi/sites/%s/%s/authorizations', $domain, $site_id ),
			array(
				'timeout' => 45,
				'body'    => array(
					'transient_name' => $transient_name,
					'client_secret'  => base64_encode( $client_secret ),
					'domain'         => $domain,
					'site_id'        => $site_id,
					'scopes'         => array(),
				),
			)
		);

	}

	/**
	 * Refresh the stored token.
	 *
	 * @throws \RuntimeException On error or unexpected payload shape.
	 */
	public static function refresh_token() {
		try {
			$response = self::request_token();
			$data     = ResponseUtilities::parse_json_response( $response, true );
			if ( isset( $data['access_token'], $data['expires_in'] ) ) {
				$token      = $data['access_token'];
				$expires_in = (int) $data['expires_in'];
				$timestamp  = ResponseUtilities::get_response_timestamp( $response );
				self::set_token( $token, $timestamp + $expires_in );
			} else {
				$data['_status_code'] = wp_remote_retrieve_response_code( $response );
				$data['_response']    = wp_remote_retrieve_body( $response );
				throw new \RuntimeException( wp_json_encode( $data ) );
			}
		} catch ( \Exception $e ) {
			error_log( 'Bluehost WP Plugin: Failed to fetch token: ' . $e->getMessage() );
		}
	}

	/**
	 * Check for proper conditions before refreshing the token.
	 */
	public static function maybe_refresh_token() {
		if ( defined( 'DOING_AJAX' ) && DOING_AJAX ) {
			return;
		}
		if ( current_user_can( 'manage_options' ) && ! self::has_token() ) {
			self::refresh_token();
		}
	}

}

Anon7 - 2021