plugin_name = $plugin_name; $this->version = $version; $this->settings = QDR_TSS_Settings::instance(); } /** * Register the REST API routes. * * @since 1.0.0 */ public function register_routes() { // Media Controller $media_controller = new QDR_TSS_Media_Controller($this->plugin_name, $this->version); $media_controller->register_routes(); // Upload Controller $upload_controller = new QDR_TSS_Upload_Controller($this->plugin_name, $this->version); $upload_controller->register_routes(); } /** * Check API key for REST API requests. * * @since 1.0.0 * @param WP_Error|null $result The authentication result so far. * @return WP_Error|null The authentication result. */ public function check_api_key($result) { // Only check for our namespace if (empty($result) && strpos($_SERVER['REQUEST_URI'], '/wp-json/qdr-tss/') !== false) { $headers = $this->get_all_headers(); $api_key = isset($headers['X-Api-Key']) ? $headers['X-Api-Key'] : ''; if (!$this->settings->validate_api_key($api_key)) { return new WP_Error( 'rest_forbidden', __('Invalid API key.', 'qdr-temporary-shared-storage'), array('status' => 403) ); } } return $result; } /** * Check REST API permissions. * * @since 1.0.0 * @return bool True if authorized, false otherwise. */ public function check_rest_permission() { $headers = $this->get_all_headers(); $api_key = isset($headers['X-Api-Key']) ? $headers['X-Api-Key'] : ''; return $this->settings->validate_api_key($api_key); } /** * Get all headers. * * @since 1.0.0 * @return array All headers. */ private function get_all_headers() { if (function_exists('getallheaders')) { return getallheaders(); } // Manually get headers if getallheaders() is not available $headers = array(); foreach ($_SERVER as $name => $value) { if (substr($name, 0, 5) === 'HTTP_') { $name = str_replace(' ', '-', ucwords(strtolower(str_replace('_', ' ', substr($name, 5))))); $headers[$name] = $value; } elseif ($name === 'CONTENT_TYPE') { $headers['Content-Type'] = $value; } elseif ($name === 'CONTENT_LENGTH') { $headers['Content-Length'] = $value; } } return $headers; } }