Diffstat (limited to 'plugins/jetpack/extensions/blocks/premium-content')
-rw-r--r--plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-jwt.php2
-rw-r--r--plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-token-subscription-service.php4
-rw-r--r--plugins/jetpack/extensions/blocks/premium-content/login-button/login-button.php7
-rw-r--r--plugins/jetpack/extensions/blocks/premium-content/premium-content.php2
4 files changed, 11 insertions, 4 deletions
diff --git a/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-jwt.php b/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-jwt.php
index f2d1f1d8..8f5b9b31 100644
--- a/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-jwt.php
+++ b/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-jwt.php
@@ -81,7 +81,7 @@ class JWT {
* @uses urlsafe_b64_decode
*/
public static function decode( $jwt, $key, array $allowed_algs = array() ) {
- $timestamp = is_null( static::$timestamp ) ? time() : static::$timestamp;
+ $timestamp = static::$timestamp === null ? time() : static::$timestamp;
if ( empty( $key ) ) {
throw new InvalidArgumentException( 'Key may not be empty' );
diff --git a/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-token-subscription-service.php b/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-token-subscription-service.php
index 05791022..5ab97af7 100644
--- a/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-token-subscription-service.php
+++ b/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-token-subscription-service.php
@@ -174,7 +174,7 @@ abstract class Token_Subscription_Service implements Subscription_Service {
*/
private function set_token_cookie( $token ) {
if ( ! empty( $token ) ) {
- setcookie( self::JWT_AUTH_TOKEN_COOKIE_NAME, $token, 0, '/' );
+ setcookie( self::JWT_AUTH_TOKEN_COOKIE_NAME, $token, 0, '/', COOKIE_DOMAIN, is_ssl(), true ); // httponly -- used by visitor_can_view_content() within the PHP context.
}
}
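Review bot: The new `setcookie()` call in `set_token_cookie()` adds `Secure` and `HttpOnly` but sets no SameSite attribute, so the JWT cookie's cross-site behaviour is left to each browser's default. The positional signature cannot express SameSite. If the plugin's minimum PHP version is 7.3 or later (not visible here), the options-array form can: `setcookie( self::JWT_AUTH_TOKEN_COOKIE_NAME, $token, array( 'expires' => 0, 'path' => '/', 'domain' => COOKIE_DOMAIN, 'secure' => is_ssl(), 'httponly' => true, 'samesite' => 'Lax' ) );`, where `Lax` looks sufficient for a cookie read on top-level navigation but should be confirmed against the login flow. Separately, `is_ssl()` can return false behind a TLS-terminating proxy that does not set the expected server variables, in which case the token is issued without `Secure`. The trailing comment would also read better on its own line above the call, with a note on that proxy caveat.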
@@ -234,6 +234,8 @@ abstract class Token_Subscription_Service implements Subscription_Service {
* @return string URL of the JWT endpoint.
*/
private function get_rest_api_token_url( $site_id, $redirect_url ) {
+ // The redirect url might have a part URL encoded but not the whole URL.
+ $redirect_url = rawurldecode( $redirect_url );
return sprintf( '%smemberships/jwt?site_id=%d&redirect_url=%s', self::REST_URL_ORIGIN, $site_id, rawurlencode( $redirect_url ) );
}
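Review bot: The added `rawurldecode( $redirect_url )` in `get_rest_api_token_url()` is unconditional, so it is not a no-op for a URL that was correctly encoded in the first place. A query value carrying an encoded reserved character (`%26`, `%23`, `%25`) becomes a literal `&`, `#` or `%` in the redirect target, which changes where the visitor lands. Any host or path check applied to `$redirect_url` before this point (the caller is outside the hunk) was made on the encoded form and does not necessarily hold for the decoded one. Re-validating after the decode would close that gap, for example `$redirect_url = wp_validate_redirect( rawurldecode( $redirect_url ), home_url() );`. The comment should also say which caller passes a partly encoded URL, so the decode can be removed once that caller is fixed.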
diff --git a/plugins/jetpack/extensions/blocks/premium-content/login-button/login-button.php b/plugins/jetpack/extensions/blocks/premium-content/login-button/login-button.php
index 3238d8a9..535dd3d5 100644
--- a/plugins/jetpack/extensions/blocks/premium-content/login-button/login-button.php
+++ b/plugins/jetpack/extensions/blocks/premium-content/login-button/login-button.php
@@ -8,6 +8,7 @@
namespace Automattic\Jetpack\Extensions\Premium_Content;
use Automattic\Jetpack\Blocks;
+use Automattic\Jetpack\Extensions\Premium_Content\Subscription_Service\Token_Subscription_Service;
use Automattic\Jetpack\Status\Host;
use Jetpack_Gutenberg;
@@ -46,7 +47,11 @@ function render_login_button_block( $attributes, $content ) {
return '';
}
- if ( is_user_logged_in() ) {
+ $has_auth_cookie = isset( $_COOKIE[ Token_Subscription_Service::JWT_AUTH_TOKEN_COOKIE_NAME ] );
+ // phpcs:ignore WordPress.Security.NonceVerification.Recommended
+ $has_token_parameter = isset( $_GET['token'] );
+
+ if ( is_user_logged_in() || $has_auth_cookie || $has_token_parameter ) {
// The viewer is logged it, so they shouldn't see the login button.
return '';
}
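Review bot: `$has_auth_cookie` and `$has_token_parameter` in `render_login_button_block()` test only for presence with `isset()`, so an expired or malformed cookie, or any `?token=` value, is treated the same as a valid session. This only suppresses the button and grants no access, but a visitor whose token no longer validates is left with locked content and no login button to re-authenticate. Where the subscription service exposes a validity check (`visitor_can_view_content()` is mentioned in this commit's cookie comment; its signature is not visible here), gating on that rather than on presence would avoid the dead end. The output now also varies by cookie and query string, which matters if the page is served from a full-page cache. The `phpcs:ignore` line should state why no nonce is needed, e.g. `// phpcs:ignore WordPress.Security.NonceVerification.Recommended -- presence check only, value is never used.`; the function body continues outside the hunk.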
diff --git a/plugins/jetpack/extensions/blocks/premium-content/premium-content.php b/plugins/jetpack/extensions/blocks/premium-content/premium-content.php
index 41915978..be10198d 100644
--- a/plugins/jetpack/extensions/blocks/premium-content/premium-content.php
+++ b/plugins/jetpack/extensions/blocks/premium-content/premium-content.php
@@ -75,7 +75,7 @@ function render_block( $attributes, $content ) {
}
// We don't use FEATURE_NAME here because styles are not in /container folder.
- Jetpack_Gutenberg::load_styles_as_required( 'premium-content' );
+ Jetpack_Gutenberg::load_assets_as_required( 'premium-content' );
return $content;
}