Making WordPress.org


Ignore:
Timestamp:
04/16/2021 04:18:55 AM (3 years ago)
Author:
dd32
Message:

API: HelpScout: Include some tooling for our DPO queue.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • sites/trunk/api.wordpress.org/public_html/dotorg/helpscout/profile.php

    r9811 r10909  
    22// Simple profile lookup for HelpScout sidebar. Returns w.org links to HS for emails received.
    33
    4 $base_dir = dirname( dirname( __DIR__ ) );
    5 require( $base_dir . '/wp-init.php' );
    6 
    7 // function to verify signature from HelpScout
    8 function isFromHelpScout($data, $signature) {
    9     $calculated = base64_encode( hash_hmac( 'sha1', $data, HELPSCOUT_SECRET_KEY, true ) );
    10     return hash_equals( $signature, $calculated );
    11 }
    12 
    13 //  HelpScout sends json data in the POST, so grab it from the input directly
    14 $data = file_get_contents( 'php://input' );
    15 
    16 // check the signature header
    17 if ( ! isset( $_SERVER['HTTP_X_HELPSCOUT_SIGNATURE'] ) ) {
    18     exit;
    19 }
    20 
    21 $signature = $_SERVER['HTTP_X_HELPSCOUT_SIGNATURE'];
    22 if ( ! isFromHelpScout( $data, $signature ) ) {
    23     // failure = no response
    24     exit;
    25 }
    26 
    27 // get the info from HS
    28 $request = json_decode( $data );
     4// $request is the validated HelpScout request.
     5$request = include __DIR__ . '/common.php';
    296
    307// default empty output
     
    4623
    4724// response to HS is just HTML to display in the sidebar
    48 $response = array ('html' => $html);
     25$response = array( 'html' => $html );
    4926
    5027echo json_encode( $response );
    51 
Note: See TracChangeset for help on using the changeset viewer.