Skip to content

Commit 74b8ac3

Browse files
sergeymitrmatticbot
sergeymitr
authored and
matticbot
committed
Connection: allow cookie auth for user provisioning (#42086)
Allow cookie-based authentication for the user provisioning endpoint. Previously we only allowed blog tokens and application passwords. Committed via a GitHub action: https://github.com/Automattic/jetpack/actions/runs/13567747286 Upstream-Ref: Automattic/jetpack@b2fb1d1
1 parent af62c82 commit 74b8ac3

File tree

7 files changed

+116
-118
lines changed

7 files changed

+116
-118
lines changed

jetpack_vendor/automattic/jetpack-connection/CHANGELOG.md

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
99

1010
This is an alpha version! The changes listed here are not final.
1111

12+
### Added
13+
- Allow cookie auth for user provisioning.
14+
1215
### Removed
1316
- Remove register_nonce from site connection.
1417

jetpack_vendor/automattic/jetpack-connection/src/class-rest-connector.php

Lines changed: 2 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -414,13 +414,8 @@ public function remote_register( WP_REST_Request $request ) {
414414
* @return true|WP_Error
415415
*/
416416
public function remote_provision_permission_check( WP_REST_Request $request ) {
417-
// We allow the app password authentication only if 'local_user' is empty for security reasons.
418-
if ( empty( $request['local_user'] ) && did_action( 'application_password_did_authenticate' ) ) {
419-
if ( current_user_can( 'jetpack_connect_user' ) ) {
420-
return true;
421-
}
422-
423-
return new WP_Error( 'invalid_user_permission_remote_provision', self::get_user_permissions_error_msg(), array( 'status' => rest_authorization_required_code() ) );
417+
if ( empty( $request['local_user'] ) && current_user_can( 'jetpack_connect_user' ) ) {
418+
return true;
424419
}
425420

426421
return Rest_Authentication::is_signed_with_blog_token()

jetpack_vendor/i18n-map.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@
2626
),
2727
'jetpack-connection' => array(
2828
'path' => 'jetpack_vendor/automattic/jetpack-connection',
29-
'ver' => '6.7.0-alpha1740604370',
29+
'ver' => '6.7.0-alpha1740663564',
3030
),
3131
'jetpack-explat' => array(
3232
'path' => 'jetpack_vendor/automattic/jetpack-explat',

vendor/composer/installed.json

Lines changed: 30 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@
77
"dist": {
88
"type": "path",
99
"url": "/tmp/jetpack-build/Automattic/jetpack-a8c-mc-stats",
10-
"reference": "b623ff5e864156e2d83bf0cb5524084665a8b39f"
10+
"reference": "e78fc63742047e582c1b3e8eb294842628e950c0"
1111
},
1212
"require": {
1313
"php": ">=7.2"
@@ -63,7 +63,7 @@
6363
"dist": {
6464
"type": "path",
6565
"url": "/tmp/jetpack-build/Automattic/jetpack-admin-ui",
66-
"reference": "f994135715a0a0998db9d96b61dc4425b410520b"
66+
"reference": "7c1ae6f06dbc303cdbbcb73ef511e97b5952e12d"
6767
},
6868
"require": {
6969
"php": ">=7.2"
@@ -125,7 +125,7 @@
125125
"dist": {
126126
"type": "path",
127127
"url": "/tmp/jetpack-build/Automattic/jetpack-assets",
128-
"reference": "68afc31316166f1c92807479784300e435fd665a"
128+
"reference": "6687c4324eefd86b020b18831b8ba0b66c5054a2"
129129
},
130130
"require": {
131131
"automattic/jetpack-constants": "^3.0.2",
@@ -197,7 +197,7 @@
197197
"dist": {
198198
"type": "path",
199199
"url": "/tmp/jetpack-build/Automattic/jetpack-autoloader",
200-
"reference": "321eed3977f015be0acee9b34066ce7a15114701"
200+
"reference": "e71677a510c41a5c7b7f65894de931b0c6bfb520"
201201
},
202202
"require": {
203203
"composer-plugin-api": "^2.2",
@@ -268,7 +268,7 @@
268268
"dist": {
269269
"type": "path",
270270
"url": "/tmp/jetpack-build/Automattic/jetpack-boost-core",
271-
"reference": "97629a93e5f0c3df3dcfb5360ff6ae561849c51b"
271+
"reference": "60090f17aa45ac961a2a85d30deedadd4588b679"
272272
},
273273
"require": {
274274
"automattic/jetpack-connection": "^6.7.0-alpha",
@@ -326,7 +326,7 @@
326326
"dist": {
327327
"type": "path",
328328
"url": "/tmp/jetpack-build/Automattic/jetpack-boost-speed-score",
329-
"reference": "f4a25bea36bd7f9aae34278c1262c5a05df7abdb"
329+
"reference": "868c12e20a85c0df397709c3a24049d18cca1175"
330330
},
331331
"require": {
332332
"automattic/jetpack-boost-core": "^0.3.6",
@@ -393,7 +393,7 @@
393393
"dist": {
394394
"type": "path",
395395
"url": "/tmp/jetpack-build/Automattic/jetpack-composer-plugin",
396-
"reference": "8675a43fb48cb1f3d74cf0b70ea2fbb209c16a0e"
396+
"reference": "ad0a67cbe3e28059c1eb9f4f8796e2ee403b5dad"
397397
},
398398
"require": {
399399
"composer-plugin-api": "^2.2",
@@ -456,7 +456,7 @@
456456
"dist": {
457457
"type": "path",
458458
"url": "/tmp/jetpack-build/Automattic/jetpack-config",
459-
"reference": "8aa23e758a619e554bc7fe35d4b706d9e6de1b8b"
459+
"reference": "43e5352ed25a6a37aac5637af5d68c43001571e8"
460460
},
461461
"require": {
462462
"php": ">=7.2"
@@ -526,12 +526,12 @@
526526
},
527527
{
528528
"name": "automattic/jetpack-connection",
529-
"version": "6.7.0-alpha.1740604370",
530-
"version_normalized": "6.7.0.0-alpha1740604370",
529+
"version": "6.7.0-alpha.1740663564",
530+
"version_normalized": "6.7.0.0-alpha1740663564",
531531
"dist": {
532532
"type": "path",
533533
"url": "/tmp/jetpack-build/Automattic/jetpack-connection",
534-
"reference": "c05aed32f46143050f57a1060066c3bd14f7ba2a"
534+
"reference": "c44d954975a977619fdc58254c1fcbb02c75b21e"
535535
},
536536
"require": {
537537
"automattic/jetpack-a8c-mc-stats": "^3.0.1",
@@ -618,7 +618,7 @@
618618
"dist": {
619619
"type": "path",
620620
"url": "/tmp/jetpack-build/Automattic/jetpack-constants",
621-
"reference": "68f462672f8f77664317ca40d490d70e06333bc1"
621+
"reference": "e91d1d14b084097d9d612736713ec54269d5938c"
622622
},
623623
"require": {
624624
"php": ">=7.2"
@@ -675,7 +675,7 @@
675675
"dist": {
676676
"type": "path",
677677
"url": "/tmp/jetpack-build/Automattic/jetpack-device-detection",
678-
"reference": "820c310ee75e84fd8a28d3444ee478bab181920f"
678+
"reference": "293f6e5456be2291070d1972d2fdca866502addf"
679679
},
680680
"require": {
681681
"php": ">=7.2"
@@ -731,7 +731,7 @@
731731
"dist": {
732732
"type": "path",
733733
"url": "/tmp/jetpack-build/Automattic/jetpack-explat",
734-
"reference": "1fdecdc27ae952ba00d4f61604bfe0574e050124"
734+
"reference": "d7b85752ee4aacbef32fb127176021c4a9bc7811"
735735
},
736736
"require": {
737737
"automattic/jetpack-connection": "^6.7.0-alpha",
@@ -809,7 +809,7 @@
809809
"dist": {
810810
"type": "path",
811811
"url": "/tmp/jetpack-build/Automattic/jetpack-ip",
812-
"reference": "e2b78c59bcd3a470833e00e150e73f782e216787"
812+
"reference": "5a935785a4cb6e4b4b0a56698d1a1e938aef1618"
813813
},
814814
"require": {
815815
"php": ">=7.2"
@@ -870,7 +870,7 @@
870870
"dist": {
871871
"type": "path",
872872
"url": "/tmp/jetpack-build/Automattic/jetpack-jitm",
873-
"reference": "a68dc50e3148088467edd5e38c2a000e0ecaec15"
873+
"reference": "cd30ee689525c6f8539404d03f45c853073f2bed"
874874
},
875875
"require": {
876876
"automattic/jetpack-a8c-mc-stats": "^3.0.1",
@@ -948,7 +948,7 @@
948948
"dist": {
949949
"type": "path",
950950
"url": "/tmp/jetpack-build/Automattic/jetpack-licensing",
951-
"reference": "3c08d7c50edafeb8503c4769d08e00b719c5cfb1"
951+
"reference": "4c91539c2f92dda6459e36f6fcdcf448076dce82"
952952
},
953953
"require": {
954954
"automattic/jetpack-connection": "^6.7.0-alpha",
@@ -1007,7 +1007,7 @@
10071007
"dist": {
10081008
"type": "path",
10091009
"url": "/tmp/jetpack-build/Automattic/jetpack-logo",
1010-
"reference": "222c2d1ff63fb0270ad21c2d47ceb0b0c16c7b66"
1010+
"reference": "ed430ab465424ff1681fe1ee743e71e11d1c9aa7"
10111011
},
10121012
"require": {
10131013
"php": ">=7.2"
@@ -1063,7 +1063,7 @@
10631063
"dist": {
10641064
"type": "path",
10651065
"url": "/tmp/jetpack-build/Automattic/jetpack-my-jetpack",
1066-
"reference": "20b9f9a9e1d3e734673b9896e4447ded04871014"
1066+
"reference": "dfa84d291d0576ddbac74f2fd30b6dff55309a57"
10671067
},
10681068
"require": {
10691069
"automattic/jetpack-admin-ui": "^0.5.3",
@@ -1162,7 +1162,7 @@
11621162
"dist": {
11631163
"type": "path",
11641164
"url": "/tmp/jetpack-build/Automattic/jetpack-password-checker",
1165-
"reference": "93e6b4c4c7743a56e1d33fc179815a03ff81c1d7"
1165+
"reference": "7435607924fbc5b18c76bcdb3fa6c15fb871b9f6"
11661166
},
11671167
"require": {
11681168
"php": ">=7.2"
@@ -1220,7 +1220,7 @@
12201220
"dist": {
12211221
"type": "path",
12221222
"url": "/tmp/jetpack-build/Automattic/jetpack-plans",
1223-
"reference": "f9c429d28fd3fdee0cd457403b324693fd569140"
1223+
"reference": "7869d830412e4a4cf4028cf9968982efa57a2c9c"
12241224
},
12251225
"require": {
12261226
"automattic/jetpack-connection": "^6.7.0-alpha",
@@ -1285,7 +1285,7 @@
12851285
"dist": {
12861286
"type": "path",
12871287
"url": "/tmp/jetpack-build/Automattic/jetpack-plugins-installer",
1288-
"reference": "136cbfd55a2596f9c66f89f11f767630cda3fa7b"
1288+
"reference": "8dc89a7a5893c626d1b2111d49512afa19b775d6"
12891289
},
12901290
"require": {
12911291
"automattic/jetpack-a8c-mc-stats": "^3.0.1",
@@ -1344,7 +1344,7 @@
13441344
"dist": {
13451345
"type": "path",
13461346
"url": "/tmp/jetpack-build/Automattic/jetpack-protect-models",
1347-
"reference": "d1c6d4832262b49bc14b94721df601ab4e31982b"
1347+
"reference": "b065e18898c4593cafd8f1e29b607da4cf3cd293"
13481348
},
13491349
"require": {
13501350
"automattic/jetpack-redirect": "^3.0.2",
@@ -1412,7 +1412,7 @@
14121412
"dist": {
14131413
"type": "path",
14141414
"url": "/tmp/jetpack-build/Automattic/jetpack-protect-status",
1415-
"reference": "0eedfb55281af83c8d6ac207ccced8aa5a8638e2"
1415+
"reference": "1db2b2df3052282752359ae6ff9e95c0915b943d"
14161416
},
14171417
"require": {
14181418
"automattic/jetpack-connection": "^6.7.0-alpha",
@@ -1484,7 +1484,7 @@
14841484
"dist": {
14851485
"type": "path",
14861486
"url": "/tmp/jetpack-build/Automattic/jetpack-redirect",
1487-
"reference": "5d155e6351cd32caef967c5400a1110812421dae"
1487+
"reference": "0adeb4f5616c3dd79fe47cf2bb3121bd3e6b66bb"
14881488
},
14891489
"require": {
14901490
"automattic/jetpack-status": "^5.0.5-alpha",
@@ -1542,7 +1542,7 @@
15421542
"dist": {
15431543
"type": "path",
15441544
"url": "/tmp/jetpack-build/Automattic/jetpack-roles",
1545-
"reference": "e3f753fd06768c693fd2f1cdbae0a3ec4fbf0475"
1545+
"reference": "0f19a674f2d63488f9eb4485318be4b26af6b988"
15461546
},
15471547
"require": {
15481548
"php": ">=7.2"
@@ -1599,7 +1599,7 @@
15991599
"dist": {
16001600
"type": "path",
16011601
"url": "/tmp/jetpack-build/Automattic/jetpack-search",
1602-
"reference": "16ec280e3886d61645d751bc815f3c1c5f09b782"
1602+
"reference": "6127e4625e1d5c1e9bdecad70e97be864f4695aa"
16031603
},
16041604
"require": {
16051605
"automattic/jetpack-assets": "^4.0.8",
@@ -1684,7 +1684,7 @@
16841684
"dist": {
16851685
"type": "path",
16861686
"url": "/tmp/jetpack-build/Automattic/jetpack-stats",
1687-
"reference": "45ea00cd97712fba322ba6f3acfa78459d66052f"
1687+
"reference": "2b83e7e0876c1a61b3047cfac2728b771f0c3970"
16881688
},
16891689
"require": {
16901690
"automattic/jetpack-connection": "^6.7.0-alpha",
@@ -1748,7 +1748,7 @@
17481748
"dist": {
17491749
"type": "path",
17501750
"url": "/tmp/jetpack-build/Automattic/jetpack-status",
1751-
"reference": "d84847b00e261163c3ec1ebfad38ebeb71480410"
1751+
"reference": "3a618db0b2e377075811c58d8542d642f7cbc5f6"
17521752
},
17531753
"require": {
17541754
"automattic/jetpack-constants": "^3.0.2",
@@ -1815,7 +1815,7 @@
18151815
"dist": {
18161816
"type": "path",
18171817
"url": "/tmp/jetpack-build/Automattic/jetpack-sync",
1818-
"reference": "5844a0836ae8fdec900524b8fd98c92395187344"
1818+
"reference": "5e6f495aaa67431d2fa1ce39ce6e31852b3a1a8e"
18191819
},
18201820
"require": {
18211821
"automattic/jetpack-connection": "^6.7.0-alpha",

0 commit comments

Comments
 (0)