ultimate-multisite/encrypt-secrets.php at main · Ultimate-Multisite/ultimate-multisite · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
<?php
// phpcs:disable
// encrypt-secrets.php
$filename = 'inc/class-addon-repository.php';
$key      = hash_file('sha256', $filename);

$client_id     = getenv('MU_CLIENT_ID') ?: '';
$client_secret = getenv('MU_CLIENT_SECRET') ?: '';

if (!$client_id || !$client_secret) {
	echo "Missing MU_CLIENT_ID or MU_CLIENT_SECRET env vars\n";
	exit(1);
}

function encryptValue($plaintext, $key) {
    $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('aes-256-cbc'));
    $encrypted = openssl_encrypt($plaintext, 'aes-256-cbc', $key, 0, $iv);
    return base64_encode($iv . $encrypted);
}

$target_file = 'inc/stuff.php';

if (!file_exists($target_file) || filemtime($filename) > filemtime($target_file)) {
	file_put_contents($target_file, "<?php\nreturn ".var_export([
		encryptValue($client_id, $key),
		encryptValue($client_secret, $key),
	], true).';');
	echo "Updated $target_file\n";
} else {
	echo "$target_file is up to date\n";
}