From 619dc13d7fef58b9b1f6b57847bf12748428a6f4 Mon Sep 17 00:00:00 2001
From: tommasomeli
Date: Fri, 19 Nov 2021 04:05:54 +0100
Subject: [PATCH] Change namespace via query parameter
---
swaggerauth.php | 86 +++++++++++++++++++++++---------------------
swaggerbag.php | 42 +++++++++++++---------
swaggersetting.php | 47 +++++++++++++-----------
swaggertemplate.php | 7 ++--
template/notice.php | 2 +-
template/setting.php | 41 ++++++++++++++++-----
template/single.php | 7 ++--
wp-api-swaggerui.php | 27 +++++++++++---
8 files changed, 164 insertions(+), 95 deletions(-)
diff --git a/swaggerauth.php b/swaggerauth.php
index 5ac6027..b13478f 100644
--- a/swaggerauth.php
+++ b/swaggerauth.php
@@ -1,45 +1,47 @@ has( 'PHP_AUTH_USER' ) ) { - - $user_pass = $server->get( 'REDIRECT_HTTP_AUTHORIZATION' ); - if ( $server->has( 'REDIRECT_HTTP_AUTHORIZATION' ) && ! empty( $user_pass ) ) { - list($username, $password) = explode( ':', base64_decode( substr( $user_pass, 6 ) ) ); - $server->set( 'PHP_AUTH_USER', $username ); - $server->set( 'PHP_AUTH_PW', $password ); + if (!$server->has('PHP_AUTH_USER')) { + + $user_pass = $server->get('REDIRECT_HTTP_AUTHORIZATION'); + if ($server->has('REDIRECT_HTTP_AUTHORIZATION') && !empty($user_pass)) { + list($username, $password) = explode(':', base64_decode(substr($user_pass, 6))); + $server->set('PHP_AUTH_USER', $username); + $server->set('PHP_AUTH_PW', $password); } else { return $user_id; } } - $username = $server->get( 'PHP_AUTH_USER' ); - $password = $server->get( 'PHP_AUTH_PW' ); + $username = $server->get('PHP_AUTH_USER'); + $password = $server->get('PHP_AUTH_PW'); /** * In multi-site, wp_authenticate_spam_check filter is run on authentication. This filter calls * get_currentuserinfo which in turn calls the determine_current_user filter. This leads to infinite * recursion and a stack overflow unless the current function is removed from the determine_current_user * filter during authentication. */ - remove_filter( 'determine_current_user', [ $this, 'handler' ], 14 ); + remove_filter('determine_current_user', [$this, 'handler'], 14); - $user = wp_authenticate( $username, $password ); + $user = wp_authenticate($username, $password); - add_filter( 'determine_current_user', [ $this, 'handler' ], 14 ); + add_filter('determine_current_user', [$this, 'handler'], 14); - if ( is_wp_error( $user ) ) { + if (is_wp_error($user)) { $this->error = $user; return null; } 
@@ -49,17 +51,19 @@ public function handler( $user_id ) { return $user->ID; } - public function error( $error ) { + public function error($error) + { - if ( ! empty( $error ) ) { + if (!empty($error)) { return $error; } return $this->error; } - public function appendSwaggerAuth( $auth ) { - if ( ! is_array( $auth ) ) { + public function appendSwaggerAuth($auth) + { + if (!is_array($auth)) { $auth = []; } 
@@ -70,31 +74,31 @@ public function appendSwaggerAuth( $auth ) { return $auth; } - private function getUserDataByConsumerKey( $consumer_key ) { - global $wpdb; - - $consumer_key = wc_api_hash( sanitize_text_field( $consumer_key ) ); - return $wpdb->get_row( $wpdb->prepare( "SELECT key_id, user_id, permissions, consumer_key, consumer_secret, nonces FROM {$wpdb->prefix}woocommerce_api_keys WHERE consumer_key = %s LIMIT 1", $consumer_key ) ); - } + private function getUserDataByConsumerKey($consumer_key) + { + global $wpdb; - public function authenticate( $user, $username, $password ) { + $consumer_key = wc_api_hash(sanitize_text_field($consumer_key)); + return $wpdb->get_row($wpdb->prepare("SELECT key_id, user_id, permissions, consumer_key, consumer_secret, nonces FROM {$wpdb->prefix}woocommerce_api_keys WHERE consumer_key = %s LIMIT 1", $consumer_key)); + } - if ( ! ( $user instanceof WP_User ) && class_exists( 'woocommerce' ) ) { - $u = $this->getUserDataByConsumerKey( $username ); - if ( ! 
empty( $u ) && hash_equals( $u->consumer_secret, $password ) ) { - $user = get_user_by( 'ID', $u->user_id ); - } - } + public function authenticate($user, $username, $password) + { - return $user; - } + if (!($user instanceof WP_User) && class_exists('woocommerce')) { + $u = $this->getUserDataByConsumerKey($username); + if (!empty($u) && hash_equals($u->consumer_secret, $password)) { + $user = get_user_by('ID', $u->user_id); + } + } + return $user; + } } $basic = new SwaggerAuth(); -add_filter( 'determine_current_user', [ $basic, 'handler' ], 14 ); -add_filter( 'authenticate', [ $basic, 'authenticate' ], 21, 3 ); -add_filter( 'rest_authentication_errors', [ $basic, 'error' ] ); -add_filter( 'swagger_api_security_definitions', [ $basic, 'appendSwaggerAuth' ] ); - +add_filter('determine_current_user', [$basic, 'handler'], 14); +add_filter('authenticate', [$basic, 'authenticate'], 21, 3); +add_filter('rest_authentication_errors', [$basic, 'error']); +add_filter('swagger_api_security_definitions', [$basic, 'appendSwaggerAuth']); diff --git a/swaggerbag.php b/swaggerbag.php index 42d3e90..c40ae0e 100644 --- a/swaggerbag.php +++ b/swaggerbag.php 
@@ -1,50 +1,58 @@ replace( $items ); + public function __construct($items = []) + { + $this->replace($items); } - public function replace( $items = [] ) { + public function replace($items = []) + { $this->items = $items; } - public function set( $name, $value ) { + public function set($name, $value) + { $this->items[$name] = $value; } - public function get( $name ) { - return isset( $this->items[$name] ) ? $this->items[$name] : null; + public function get($name) + { + return isset($this->items[$name]) ? $this->items[$name] : null; } - public function has( $name ) { - return array_key_exists( $name, $this->items ); + public function has($name) + { + return array_key_exists($name, $this->items); } - public function all() { + public function all() + { return $this->items; } - public function keys() { - return array_keys( $this->items ); + public function keys() + { + return array_keys($this->items); } - public function only( $name ) { - $look = is_array( $name ) ? $name : func_get_args(); + public function only($name) + { + $look = is_array($name) ? $name : func_get_args(); $all = $this->all(); $filtered = []; - foreach ( $look as $key ) { - if ( isset( $all[$key] ) ) { + foreach ($look as $key) { + if (isset($all[$key])) { $filtered[$key] = $all[$key]; } } return $filtered; } - } diff --git a/swaggersetting.php b/swaggersetting.php index 4417039..f7f4932 100644 --- a/swaggersetting.php +++ b/swaggersetting.php 
@@ -1,53 +1,60 @@ get_namespaces(); - $data['docs_url'] = home_url( untrailingslashit( WP_API_SwaggerUI::rewriteBaseApi() ) . '/docs' ); + $data['docs_url'] = home_url(untrailingslashit(WP_API_SwaggerUI::rewriteBaseApi()) . '/docs'); + $data['schema_url'] = home_url(untrailingslashit(WP_API_SwaggerUI::rewriteBaseApi()) . '/schema'); + $data['ns_url'] = home_url(untrailingslashit(WP_API_SwaggerUI::rewriteBaseApi()) . '/ns'); - echo self::template( 'setting', $data ); + echo self::template('setting', $data); } - public static function template( $file, $data = [] ) { + public static function template($file, $data = []) + { ob_start(); $__file = __DIR__ . DIRECTORY_SEPARATOR . 'template/' . $file . '.php'; - if ( is_readable( $__file ) ) { - extract( $data, EXTR_SKIP ); + if (is_readable($__file)) { + extract($data, EXTR_SKIP); include $__file; } return ob_get_clean(); } - } $swaggerSetting = new SwaggerSetting(); -add_action( 'admin_menu', [ $swaggerSetting, 'menu' ] ); -add_action( 'init', [ $swaggerSetting, 'saveSetting' ] ); +add_action('admin_menu', [$swaggerSetting, 'menu']); +add_action('init', [$swaggerSetting, 'saveSetting']); diff --git a/swaggertemplate.php b/swaggertemplate.php index a081911..16783df 100644 --- a/swaggertemplate.php +++ b/swaggertemplate.php @@ -8,6 +8,9 @@ public function view($template) if (get_query_var('swagger_api') === 'docs') { $template = WP_API_SwaggerUI::pluginPath('template/single.php'); } + if (get_query_var('swagger_api') === 'ns') { + die(WP_API_SwaggerUI::getNameSpaces()); + } return $template; } 
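Review bot: The new `ns` branch in `view()` (swaggertemplate.php) ends the request with `die(WP_API_SwaggerUI::getNameSpaces())`, so the JSON body goes out under whatever Content-Type the front-end request already carries (most likely `text/html`) and with no capability check in the lines shown. Declaring the type before the body keeps a browser from interpreting the namespace list as markup, e.g. `header('Content-Type: application/json; charset=utf-8');` immediately before the `die(...)`. If the documentation is meant for administrators only, this branch is also where a `current_user_can('manage_options')` guard would belong; whether the neighbouring `docs` branch is intended to be public is not visible here. `view()` begins above the hunk.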
@@ -51,8 +54,9 @@ public function enqueueScritps() $info_js = $this->getAssetInfo('assets/js/app'); wp_enqueue_script('swagger-ui', WP_API_SwaggerUI::pluginUrl('assets/js/app.js'), $info_js['dependencies'], $info_js['version'], true); + $qpNameSpace = WP_API_SwaggerUI::getQPNameSpace(); $l10n = array( - 'schema_url' => home_url(WP_API_SwaggerUI::rewriteBaseApi() . '/schema') + 'schema_url' => home_url(WP_API_SwaggerUI::rewriteBaseApi() . '/schema' . ($qpNameSpace ? "?namespace=$qpNameSpace" : "")) ); wp_localize_script('swagger-ui', 'swagger_ui_app', $l10n); } @@ -70,7 +74,6 @@ public function getAssetInfo($name = '') return $info; } - } $swaggerTemplate = new SwaggerTemplate(); diff --git a/template/notice.php b/template/notice.php index 26eb99a..0e4ff76 100644 --- a/template/notice.php +++ b/template/notice.php @@ -1,3 +1,3 @@
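Review bot: In `enqueueScritps()` the namespace is spliced into the localized `schema_url` as `"?namespace=$qpNameSpace"` without URL-encoding, so the URL is well-formed only because `getQPNameSpace()` (defined in wp-api-swaggerui.php) returns allowlisted values. Encoding at the point of use removes that coupling: `add_query_arg('namespace', rawurlencode($qpNameSpace), home_url(WP_API_SwaggerUI::rewriteBaseApi() . '/schema'))` when `$qpNameSpace` is set. A short comment such as `// $qpNameSpace is null unless it matches a registered REST namespace` would also record why a request-derived value is safe to hand to the script. The method starts above the hunk.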
-

+

\ No newline at end of file diff --git a/template/setting.php b/template/setting.php index 8ced416..d772ca0 100644 --- a/template/setting.php +++ b/template/setting.php @@ -1,27 +1,52 @@

- + - + - + - + + + + + + + + + + + + + diff --git a/template/single.php b/template/single.php index 228887a..862887d 100644 --- a/template/single.php +++ b/template/single.php @@ -1,10 +1,13 @@ + + -
- +
+ + \ No newline at end of file diff --git a/wp-api-swaggerui.php b/wp-api-swaggerui.php index 1765d01..863f5cf 100644 --- a/wp-api-swaggerui.php +++ b/wp-api-swaggerui.php @@ -1,4 +1,5 @@ get_namespaces(), JSON_FORCE_OBJECT); + } + + public static function getQPNameSpace() + { + $qp = array(); + parse_str($_SERVER['QUERY_STRING'], $qp); + return isset($qp['namespace']) && in_array($qp['namespace'], rest_get_server()->get_namespaces()) ? $qp['namespace'] : NULL; + } + + public static function getDefaultNameSpace() + { + return get_option('swagger_api_basepath', '/wp/v2'); + } + public static function getNameSpace() { - return '/' . trim(get_option('swagger_api_basepath', '/wp/v2'), '/'); + return '/' . trim(self::getQPNameSpace() ?: self::getDefaultNameSpace(), '/'); } - public static function getCLeanNameSpace() + public static function getCleanNameSpace() { return trim(self::getNameSpace(), '/'); } @@ -392,7 +411,8 @@ public function getSecurity() return $securities; } - public function getResponses( $methodEndpoint ) { + public function getResponses($methodEndpoint) + { return apply_filters('swagger_api_responses_' . $methodEndpoint, array( '200' => ['description' => 'OK'], '404' => ['description' => 'Not Found'], @@ -423,7 +443,6 @@ public static function debug($params = null) echo ''; die(); } - } $swagerui = new WP_API_SwaggerUI();
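Review bot: `getQPNameSpace()` in wp-api-swaggerui.php reads `$_SERVER['QUERY_STRING']` directly and allowlists it with a loose `in_array()`, and `getNameSpace()` now prefers that request value over the saved `swagger_api_basepath` option. Two small hardenings: guard the superglobal and the type (`parse_str($_SERVER['QUERY_STRING'] ?? '', $qp);` plus an `is_string($qp['namespace'])` check), and pass `true` as the third argument to `in_array()` so the match is exact. More broadly, every caller of `getNameSpace()` will now use whichever registered namespace the visitor names, so the admin's "API Default namespace" setting no longer limits which schema is served; if some namespaces are meant to stay undocumented, an option-backed allowlist would be the place to enforce that. The first lines of this hunk are not legible on the page, so `getNameSpaces()` is only partly visible.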
API BasepathAPI Default namespace
API Docs - Docs URL + Docs URL +
API Schema + Schema URL +
API namespaces list + NS List URL +
Notes +
    +
  • + + Add namespace query parameter to change the default + (eg ?namespace=wp/v2) + +
  • +