Issue with REST API Access for PayPal Express Payment
-
Dear Payment Plugins Team,
I have custom code that only allows REST API access for certain endpoints or user agents. This code works for all other access, such as Stripe or product partners, but it does not work for PayPal Express Payment. Here’s the code, which also shows the various attempts I’ve made in the hope that PayPal (Express Payment) would go through.
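/**
 * Limit the WordPress REST API to logged-in users, with exemptions for
 * allowlisted route paths and allowlisted User-Agent substrings.
 *
 * Intended as a callback for the 'rest_authentication_errors' filter.
 *
 * Security notes for anyone reusing this snippet:
 *  - The User-Agent header is chosen by the client, so the User-Agent
 *    allowlist is a convenience filter, not authentication. Webhook senders
 *    should be verified by the signature check of the receiving plugin.
 *  - Route entries are matched as substrings of the request path, so a broad
 *    entry such as '/wp-json/wp/v2' or '/wp-json/wc/v3' exempts every route
 *    below it. Keep the list as narrow as the integrations allow.
 *  - NOTE(review): if the failing PayPal Express calls are made by the
 *    shopper's browser (confirm in the server access log), they carry the
 *    browser's own User-Agent and no fixed User-Agent value can identify
 *    them; exempt the exact route path shown in the log instead.
 *
 * @param WP_Error|null|true $result Outcome of earlier authentication filters.
 * @return WP_Error|null|true The unchanged $result when the request is allowed,
 *                            otherwise a WP_Error with HTTP status 401.
 */
function restrict_wp_json_to_logged_in_users( $result ) {
    // An earlier filter already accepted (true) or rejected (WP_Error) the
    // request; do not override that decision.
    if ( ! empty( $result ) ) {
        return $result;
    }

    $allowed_endpoints = array(
        '/wp-json/wc-stripe/v1/webhook',
        '/wp-json/wc/v3/orders',
        '/wp-json/wc/v3',
        '/wp-json/wc-ajax/',
        '/wp-json/wc/v2',
        '/wp-json/wc/store',
        '/wp-json/wp/v2',
        '/wp-json/wc-ppcp/v1/webhook/production', // PayPal Webhook v1
        '/wp-json/wc-ppcp/v2/webhook/production', // PayPal Webhook v2
        '/wp-json/wc-ppcp/v3/webhook/production', // PayPal Webhook v3
        '/wp-json/wc-ppcp/v1/', // PayPal v1
        '/wp-json/wc-ppcp/v2/', // PayPal v2
        '/wp-json/wc-ppcp/v3/', // PayPal v3
        '/wc-ajax/wc_ppcp_frontend_request', // PayPal AJAX
    );

    $allowed_user_agents = array(
        'Stripe/1.0',
        'axios/1.6.6',
        'PayPal-IPN',
    );

    // Compare against the path component only. Matching the raw REQUEST_URI
    // would let an allowlisted string placed in the query string exempt a
    // request for an unrelated route.
    $request_uri  = isset( $_SERVER['REQUEST_URI'] ) ? (string) $_SERVER['REQUEST_URI'] : '';
    $request_path = (string) parse_url( $request_uri, PHP_URL_PATH );

    // The header may be absent; treat that as "no User-Agent" rather than
    // reading an undefined index.
    $user_agent = isset( $_SERVER['HTTP_USER_AGENT'] ) ? (string) $_SERVER['HTTP_USER_AGENT'] : '';

    foreach ( $allowed_endpoints as $endpoint ) {
        if ( strpos( $request_path, $endpoint ) !== false ) {
            return $result;
        }
    }

    if ( '' !== $user_agent ) {
        foreach ( $allowed_user_agents as $agent ) {
            if ( strpos( $user_agent, $agent ) !== false ) {
                return $result;
            }
        }
    }

    // Any logged-in account passes this check, whatever its role. The
    // capability test only has an effect if something grants 'edit_posts'
    // to visitors who are not logged in.
    if ( ! is_user_logged_in() && ! current_user_can( 'edit_posts' ) ) {
        return new WP_Error( 'rest_cannot_access', 'Only authenticated users have access to the REST API.', array( 'status' => 401 ) );
    }

    return $result;
}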
add_filter( 'rest_authentication_errors', 'restrict_wp_json_to_logged_in_users' );
Could you please let me know which user agent or other value I can enter to allow the PayPal Express payment method to go through? If I delete the entire code, it works, but then I lose the security of granting access only to selected addresses.
Thank you for your help.