You've already forked wc-licensed-product
Fix API Verification Secret not visible in Docker environments
- Add ResponseSigner::getServerSecret() to check multiple sources - Check constant, getenv(), $_ENV, and $_SERVER for server secret - Update Plugin.php to use ResponseSigner::isSigningEnabled() - Maintains backward compatibility with standard WordPress setups Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
@@ -26,9 +26,7 @@ final class ResponseSigner
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
$this->serverSecret = defined('WC_LICENSE_SERVER_SECRET')
|
||||
? WC_LICENSE_SERVER_SECRET
|
||||
: '';
|
||||
$this->serverSecret = self::getServerSecret();
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -185,7 +183,7 @@ final class ResponseSigner
|
||||
*/
|
||||
public static function getCustomerSecretForLicense(string $licenseKey): ?string
|
||||
{
|
||||
$serverSecret = defined('WC_LICENSE_SERVER_SECRET') ? WC_LICENSE_SERVER_SECRET : '';
|
||||
$serverSecret = self::getServerSecret();
|
||||
|
||||
if (empty($serverSecret)) {
|
||||
return null;
|
||||
@@ -201,6 +199,40 @@ final class ResponseSigner
|
||||
*/
|
||||
public static function isSigningEnabled(): bool
|
||||
{
|
||||
return defined('WC_LICENSE_SERVER_SECRET') && !empty(WC_LICENSE_SERVER_SECRET);
|
||||
return !empty(self::getServerSecret());
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the server secret from constant or environment variable
|
||||
*
|
||||
* Checks in order:
|
||||
* 1. WC_LICENSE_SERVER_SECRET constant (preferred)
|
||||
* 2. WC_LICENSE_SERVER_SECRET environment variable (Docker fallback)
|
||||
*
|
||||
* @return string The server secret, or empty string if not configured
|
||||
*/
|
||||
public static function getServerSecret(): string
|
||||
{
|
||||
// First check the constant (standard WordPress configuration)
|
||||
if (defined('WC_LICENSE_SERVER_SECRET') && !empty(WC_LICENSE_SERVER_SECRET)) {
|
||||
return WC_LICENSE_SERVER_SECRET;
|
||||
}
|
||||
|
||||
// Fallback to environment variable (Docker environments)
|
||||
$envSecret = getenv('WC_LICENSE_SERVER_SECRET');
|
||||
if ($envSecret !== false && !empty($envSecret)) {
|
||||
return $envSecret;
|
||||
}
|
||||
|
||||
// Also check $_ENV and $_SERVER (some PHP configurations)
|
||||
if (!empty($_ENV['WC_LICENSE_SERVER_SECRET'])) {
|
||||
return $_ENV['WC_LICENSE_SERVER_SECRET'];
|
||||
}
|
||||
|
||||
if (!empty($_SERVER['WC_LICENSE_SERVER_SECRET'])) {
|
||||
return $_SERVER['WC_LICENSE_SERVER_SECRET'];
|
||||
}
|
||||
|
||||
return '';
|
||||
}
|
||||
}
|
||||
|
||||
@@ -147,7 +147,7 @@ final class Plugin
|
||||
new LicenseEmailController($this->licenseManager);
|
||||
|
||||
// Initialize response signing if server secret is configured
|
||||
if (defined('WC_LICENSE_SERVER_SECRET') && WC_LICENSE_SERVER_SECRET !== '') {
|
||||
if (ResponseSigner::isSigningEnabled()) {
|
||||
(new ResponseSigner())->register();
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user