OribiTech/WordpressGitSync
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f17b9ccb98aaf3c9a57ed051dacbc827858497c6
WordpressGitSync/includes/rest.php
Matt Batchelder f17b9ccb98 Add Oribi Sync plugin for syncing WordPress pages and theme files from a Git repository 
- Implement encryption helpers for storing and retrieving the Personal Access Token (PAT).
- Create REST API endpoints for triggering sync, checking sync status, and handling webhooks.
- Develop the sync engine to fetch pages from the Git repository, create/update WordPress pages, and trash removed pages.
- Add functionality for previewing and applying theme files from the repository.
- Set up plugin activation and deactivation hooks to manage default options and scheduled tasks.
- Implement uninstall routine to clean up plugin options and metadata from posts.
2026-02-19 16:05:43 -05:00

106 lines
4.0 KiB
PHP
Raw Blame History

<?php
/**
* Oribi Sync — REST API endpoints.
*
* POST /wp-json/oribi-sync/v1/sync — Trigger a sync
* POST /wp-json/oribi-sync/v1/sync — With ?dry_run=1 for preview
* GET /wp-json/oribi-sync/v1/status — Get last sync status
* POST /wp-json/oribi-sync/v1/webhook — Webhook trigger (secret-based auth)
*/
if ( ! defined( 'ABSPATH' ) ) exit;
add_action( 'rest_api_init', function () {
// ── Trigger sync ──────────────────────────────────────────────────────
register_rest_route( 'oribi-sync/v1', '/sync', [
'methods' => 'POST',
'callback' => 'oribi_sync_rest_sync',
'permission_callback' => function () {
return current_user_can( 'manage_options' );
},
] );
// ── Sync status ───────────────────────────────────────────────────────
register_rest_route( 'oribi-sync/v1', '/status', [
'methods' => 'GET',
'callback' => 'oribi_sync_rest_status',
'permission_callback' => function () {
return current_user_can( 'manage_options' );
},
] );
// ── Webhook (secret-based auth, no WP login required) ─────────────────
register_rest_route( 'oribi-sync/v1', '/webhook', [
'methods' => 'POST',
'callback' => 'oribi_sync_rest_webhook',
'permission_callback' => '__return_true', // Auth handled in callback
] );
} );
/**
* REST: Trigger sync.
*/
function oribi_sync_rest_sync( WP_REST_Request $request ): WP_REST_Response {
$dry_run = (bool) $request->get_param( 'dry_run' );
$result = oribi_sync_run( $dry_run );
return new WP_REST_Response( $result, $result['ok'] ? 200 : 500 );
}
/**
* REST: Get last sync status.
*/
function oribi_sync_rest_status(): WP_REST_Response {
return new WP_REST_Response( [
'last_run' => get_option( 'oribi_sync_last_run', null ),
'log' => array_slice( get_option( 'oribi_sync_log', [] ), 0, 5 ),
'repo' => get_option( 'oribi_sync_repo', '' ),
'branch' => get_option( 'oribi_sync_branch', 'main' ),
'provider' => oribi_sync_get_provider(),
'has_pat' => ! empty( get_option( 'oribi_sync_pat', '' ) ),
] );
}
/**
* REST: Webhook trigger.
*
* Validates using a shared secret stored in the WP option oribi_sync_webhook_secret
* or the constant ORIBI_SYNC_WEBHOOK_SECRET.
*
* Accepts GitHub-style X-Hub-Signature-256 header, or a simple
* Authorization: Bearer <secret> header.
*/
function oribi_sync_rest_webhook( WP_REST_Request $request ): WP_REST_Response {
$secret = defined( 'ORIBI_SYNC_WEBHOOK_SECRET' )
? ORIBI_SYNC_WEBHOOK_SECRET
: get_option( 'oribi_sync_webhook_secret', '' );
if ( empty( $secret ) ) {
return new WP_REST_Response( [ 'error' => 'Webhook secret not configured.' ], 403 );
}
// Check Authorization: Bearer <secret>
$auth = $request->get_header( 'Authorization' );
if ( $auth && preg_match( '/^Bearer\s+(.+)$/i', $auth, $m ) ) {
if ( ! hash_equals( $secret, $m[1] ) ) {
return new WP_REST_Response( [ 'error' => 'Invalid secret.' ], 403 );
}
}
// Check GitHub X-Hub-Signature-256
elseif ( $sig = $request->get_header( 'X-Hub-Signature-256' ) ) {
$body = $request->get_body();
$expected = 'sha256=' . hash_hmac( 'sha256', $body, $secret );
if ( ! hash_equals( $expected, $sig ) ) {
return new WP_REST_Response( [ 'error' => 'Invalid signature.' ], 403 );
}
} else {
return new WP_REST_Response( [ 'error' => 'Missing authentication.' ], 403 );
}
// Run sync
$result = oribi_sync_run();
return new WP_REST_Response( $result, $result['ok'] ? 200 : 500 );
}
Reference in New Issue View Git Blame Copy Permalink