copy pasta protected function from plugins

check if an api token exists
pantheon-systems · May 19, 2023 · d57cb2b · d57cb2b
1 parent 05f41c7
commit d57cb2b
Showing 1 changed file with 28 additions and 0 deletions.
diff --git a/php/pantheon/checks/themes.php b/php/pantheon/checks/themes.php
@@ -79,6 +79,34 @@ public function run() {
 		$this->alerts = $report;
 	}
 
+	/**
+	 * Get a WordPress vulnerability API token if one is defined and we're in the right environment.
+	 * Copied from wp_launch_check/php/pantheon/checks/plugins.php
+	 * Uses the WPSCAN_API_TOKEN constant if defined.
+	 *
+	 * @return string|false
+	 * @todo Replace this with a Patchstack API token.
+	 */
+	protected function getWpVulnApiToken() {
+		if ( defined( 'WPSCAN_API_TOKEN' ) ) {
+			// Don't use WPSCAN if PANTHEON_WPSCAN_ENVIRONMENTS have not been specified.
+			if( ! defined( 'PANTHEON_WPSCAN_ENVIRONMENTS' ) ) {
+				return false;
+			}
+
+			$environments = ( ! is_array( PANTHEON_WPSCAN_ENVIRONMENTS ) ) ? explode( ',', PANTHEON_WPSCAN_ENVIRONMENTS ) : PANTHEON_WPSCAN_ENVIRONMENTS;
+
+			// Only run WPSCAN on the specified environments unless it's been configured to run on all (*).
+			if ( in_array( getenv( 'PANTHEON_ENVIRONMENT' ), $environments, true ) || in_array( '*', $environments, true ) ) {
+				return WPSCAN_API_TOKEN;
+			}
+		}
+
+		// TODO: Replace this PANTHEON_WPVULNDB_API_TOKEN with a new Patchstack API token.
+		// return getenv( 'PANTHEON_WPVULNDB_API_TOKEN' );
+		return false;
+	}
+
 	/**
 	 * Checks the theme slug against the vulnerability db
 	 * @param $theme_slug string (required) string representing the theme slug