Diffstat (limited to 'plugins/jetpack/extensions/blocks/premium-content')
4 files changed, 11 insertions, 4 deletions
diff --git a/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-jwt.php b/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-jwt.php
index f2d1f1d8..8f5b9b31 100644
--- a/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-jwt.php
+++ b/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-jwt.php
@@ -81,7 +81,7 @@ class JWT {
 * @uses urlsafe_b64_decode
 */
 public static function decode( $jwt, $key, array $allowed_algs = array() ) {
- $timestamp = is_null( static::$timestamp ) ? time() : static::$timestamp;
+ $timestamp = static::$timestamp === null ? time() : static::$timestamp;
 if ( empty( $key ) ) {
 throw new InvalidArgumentException( 'Key may not be empty' );
diff --git a/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-token-subscription-service.php b/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-token-subscription-service.php
index 05791022..5ab97af7 100644
--- a/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-token-subscription-service.php
+++ b/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-token-subscription-service.php
@@ -174,7 +174,7 @@ abstract class Token_Subscription_Service implements Subscription_Service {
 */
 private function set_token_cookie( $token ) {
 if ( ! empty( $token ) ) {
- setcookie( self::JWT_AUTH_TOKEN_COOKIE_NAME, $token, 0, '/' );
+ setcookie( self::JWT_AUTH_TOKEN_COOKIE_NAME, $token, 0, '/', COOKIE_DOMAIN, is_ssl(), true ); // httponly -- used by visitor_can_view_content() within the PHP context.
 }
 }
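Review bot: The new setcookie() call on the `+` line of the set_token_cookie hunk still sends no SameSite attribute, so the auth-token cookie is attached to cross-site requests wherever the browser does not apply a Lax default on its own. If the plugin's minimum PHP version permits it (the options-array form needs PHP 7.3+), it can be set in the same call: `setcookie( self::JWT_AUTH_TOKEN_COOKIE_NAME, $token, array( 'expires' => 0, 'path' => '/', 'domain' => COOKIE_DOMAIN, 'secure' => is_ssl(), 'httponly' => true, 'samesite' => 'Lax' ) );`. A comment is also worth adding on the same line: with `expires` at 0 the cookie lives for the browser session, which is presumably longer than the token's own validity as judged by JWT::decode() against `$timestamp` in the class-jwt.php hunk, so a stale cookie can keep being presented after the token no longer decodes.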
@@ -234,6 +234,8 @@ abstract class Token_Subscription_Service implements Subscription_Service {
 * @return string URL of the JWT endpoint.
 */
 private function get_rest_api_token_url( $site_id, $redirect_url ) {
+ // The redirect url might have a part URL encoded but not the whole URL.
+ $redirect_url = rawurldecode( $redirect_url );
 return sprintf( '%smemberships/jwt?site_id=%d&redirect_url=%s', self::REST_URL_ORIGIN, $site_id, rawurlencode( $redirect_url ) );
 }
diff --git a/plugins/jetpack/extensions/blocks/premium-content/login-button/login-button.php b/plugins/jetpack/extensions/blocks/premium-content/login-button/login-button.php
index 3238d8a9..535dd3d5 100644
--- a/plugins/jetpack/extensions/blocks/premium-content/login-button/login-button.php
+++ b/plugins/jetpack/extensions/blocks/premium-content/login-button/login-button.php
@@ -8,6 +8,7 @@ namespace Automattic\Jetpack\Extensions\Premium_Content;
 use Automattic\Jetpack\Blocks;
+use Automattic\Jetpack\Extensions\Premium_Content\Subscription_Service\Token_Subscription_Service;
 use Automattic\Jetpack\Status\Host;
 use Jetpack_Gutenberg;
@@ -46,7 +47,11 @@ function render_login_button_block( $attributes, $content ) {
 return '';
 }
- if ( is_user_logged_in() ) {
+ $has_auth_cookie = isset( $_COOKIE[ Token_Subscription_Service::JWT_AUTH_TOKEN_COOKIE_NAME ] );
+ // phpcs:ignore WordPress.Security.NonceVerification.Recommended
+ $has_token_parameter = isset( $_GET['token'] );
+
+ if ( is_user_logged_in() || $has_auth_cookie || $has_token_parameter ) {
 // The viewer is logged it, so they shouldn't see the login button.
 return '';
 }
diff --git a/plugins/jetpack/extensions/blocks/premium-content/premium-content.php b/plugins/jetpack/extensions/blocks/premium-content/premium-content.php
index 41915978..be10198d 100644
--- a/plugins/jetpack/extensions/blocks/premium-content/premium-content.php
+++ b/plugins/jetpack/extensions/blocks/premium-content/premium-content.php
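Review bot: The rawurldecode() added in get_rest_api_token_url runs unconditionally, so a `$redirect_url` that was never encoded but legitimately carries a `%XX` sequence of its own (an encoded value inside its query string, say) is altered before being re-encoded, and the result is not stable if it is ever fed back through this method. It also means any validation the caller performs on `$redirect_url`, such as a same-host check, only holds if it is done on the decoded form; the caller is outside this hunk, so that is worth confirming. The docblock above should state the contract, e.g. `@param string $redirect_url URL to return to; may arrive partially percent-encoded and is decoded once before being re-encoded.`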
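Review bot: The two added isset() checks in render_login_button_block treat the mere presence of the auth cookie or a `token` query parameter as a signed-in viewer without validating either, so an expired or malformed cookie, or any request carrying `?token=`, hides the login button and leaves that visitor with no way back into the sign-in flow. This is a display decision rather than an authorization check, so it is not an access bug on its own, but the comment on the following context line should say so and fix its typo: `// Presence only: the token itself is validated in visitor_can_view_content(); a viewer who appears logged in or mid-login should not see the login button.` If the subscription service exposes its token validation, gating the cookie case on it would avoid the stuck state. The earlier hunk in this file only adds the `use` import this code needs.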
@@ -75,7 +75,7 @@ function render_block( $attributes, $content ) {
 }
 // We don't use FEATURE_NAME here because styles are not in /container folder.
- Jetpack_Gutenberg::load_styles_as_required( 'premium-content' );
+ Jetpack_Gutenberg::load_assets_as_required( 'premium-content' );
 return $content;
 } |