Automattic\WooCommerce\StoreApi\Utilities

AgenticCheckoutUtils::is_authorized() public static WC 1.0

Check if the Agentic Checkout feature is enabled and request is authorized.

Validates bearer token against registered agents in the agent registry.

Method of the class: AgenticCheckoutUtils{}

No Hooks.

Returns

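true|false|\WP_Error. True if authorized, WP_Error otherwise. The code shown below has no path that returns false, and a WP_Error object is truthy in PHP, so callers should test the result with is_wp_error() or a strict `true ===` comparison rather than a plain truthiness check.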

Usage

// The result is either true or a WP_Error. A WP_Error object is truthy, so gate
// access on `true === $result` or is_wp_error( $result ), never on `if ( $result )`.
$result = AgenticCheckoutUtils::is_authorized( $request );
$request (WP_REST_Request)
Request object. When it is null, the method returns an invalid_request WP_Error.
Default: null

AgenticCheckoutUtils::is_authorized() code WC 10.4.3

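/**
 * Authorize an Agentic Checkout request by its bearer token.
 *
 * Reads the `Authorization: Bearer <token>` header, then verifies the token
 * against the `bearer_token` value of every provider in the agent registry
 * option using wp_check_password(). On success the matching provider ID is
 * written to the WooCommerce session, when a session exists.
 *
 * Every failure path returns a WP_Error with HTTP status 400; this method has
 * no path that returns false. A WP_Error object is truthy, so callers must test
 * the result with is_wp_error() or `true === $result`, not `if ( $result )`.
 *
 * @param \WP_REST_Request|null $request Request object.
 * @return true|\WP_Error True if authorized, WP_Error otherwise.
 */
public static function is_authorized( $request = null ) {
	if ( null === $request ) {
		return new \WP_Error(
			'invalid_request',
			__( 'Invalid request object.', 'woocommerce' ),
			array(
				'status' => 400,
				'type'   => 'invalid_request',
				'code'   => 'invalid_request',
			)
		);
	}

	// Scheme match is case-insensitive and must sit at offset 0 of the header.
	$auth_header = $request->get_header( 'Authorization' );
	if ( empty( $auth_header ) || 0 !== stripos( $auth_header, 'Bearer ' ) ) {
		return new \WP_Error(
			'invalid_request',
			__( 'Invalid authorization.', 'woocommerce' ),
			array(
				'status' => 400,
				'type'   => 'invalid_request',
				'code'   => 'invalid_authorization_format',
			)
		);
	}

	$provided_token = trim( substr( $auth_header, 7 ) ); // "Bearer " is 7 characters
	if ( empty( $provided_token ) ) {
		return new \WP_Error(
			'invalid_request',
			__( 'Invalid authorization.', 'woocommerce' ),
			array(
				'status' => 400,
				'type'   => 'invalid_request',
				'code'   => 'invalid_authorization_format',
			)
		);
	}

	$registry = get_option( \Automattic\WooCommerce\Internal\Admin\Agentic\AgenticSettingsPage::REGISTRY_OPTION, array() );
	if ( ! is_array( $registry ) ) {
		// A malformed option value must fail closed, not raise a foreach() warning.
		$registry = array();
	}
	$authenticated_provider = null;

	// Check each provider's bearer token.
	foreach ( $registry as $provider_id => $provider_config ) {
		if ( ! is_array( $provider_config ) || empty( $provider_config['bearer_token'] ) ) {
			continue;
		}

		// The stored value is passed as the hash argument of wp_check_password(), so it
		// must be a string; skip a malformed entry so this unauthenticated code path
		// rejects the request instead of handing the hasher a non-string value.
		if ( ! is_string( $provider_config['bearer_token'] ) ) {
			continue;
		}

		// NOTE(review): wp_check_password() is pluggable and its result passes through
		// the `check_password` filter, so other code on the site can alter this verdict.
		if ( wp_check_password( $provided_token, $provider_config['bearer_token'] ) ) {
			// Deliberately no break: store and keep checking the remaining entries to
			// minimize timing differences. If several entries match, the last one wins.
			$authenticated_provider = $provider_id;
		}
	}

	if ( null !== $authenticated_provider ) {
		if ( WC()->session ) {
			WC()->session->set( SessionKey::AGENTIC_CHECKOUT_PROVIDER_ID, $authenticated_provider );
		}
		return true;
	}

	// Same message as the format errors; only the `code` field distinguishes a bad token.
	return new \WP_Error(
		'invalid_request',
		__( 'Invalid authorization.', 'woocommerce' ),
		array(
			'status' => 400,
			'type'   => 'invalid_request',
			'code'   => 'authentication_failed',
		)
	);
}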