{\rtf1\ansi\ansicpg1252\cocoartf2822 \cocoatextscaling0\cocoaplatform0{\fonttbl\f0\fswiss\fcharset0 Helvetica;} {\colortbl;\red255\green255\blue255;} {\*\expandedcolortbl;;} \margl1440\margr1440\vieww16540\viewh19840\viewkind0 \pard\tx720\tx1440\tx2160\tx2880\tx3600\tx4320\tx5040\tx5760\tx6480\tx7200\tx7920\tx8640\pardirnatural\partightenfactor0 \f0\fs24 \cf0 'GET',\ 'permission_callback' => '__return_true',\ 'callback' => function() \{\ return new WP_REST_Response([ 'ok' => true, 'service' => 'wp-bridge' ], 200);\ \}\ ]);\ \ register_rest_route('restorestl/v1', '/lead', [\ 'methods' => 'POST',\ 'permission_callback' => '__return_true',\ 'callback' => function( WP_REST_Request $req ) \{\ \ $backend = rst_backend_url();\ $secret = rst_webhook_secret();\ \ if (empty($backend) || empty($secret)) \{\ return new WP_REST_Response([\ 'ok' => false,\ 'error' => 'bridge_not_configured',\ 'detail' => 'Backend URL or HMAC secret missing'\ ], 500);\ \}\ \ $raw = $req->get_body();\ if (!is_string($raw) || $raw === '') \{\ return new WP_REST_Response([ 'ok' => false, 'error' => 'empty_body' ], 400);\ \}\ \ $json = json_decode($raw, true);\ if (!is_array($json)) \{\ return new WP_REST_Response([ 'ok' => false, 'error' => 'invalid_json' ], 400);\ \}\ \ // Enrich envelope a tiny bit\ if (empty($json['source'])) \{\ $json['source'] = 'wordpress';\ \}\ \ $payload = wp_json_encode($json, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);\ $sig = hash_hmac('sha256', $payload, $secret);\ \ $cid = isset($json['correlation_id']) ? $json['correlation_id'] : null;\ \ $url = rtrim($backend, '/').'/lead_envelopes';\ $headers = [\ 'Content-Type' => 'application/json',\ 'X-RST-HMAC' => $sig,\ 'X-RST-Source' => 'wordpress',\ 'X-RST-Correlation-Id' => $cid ?: ''\ ];\ \ $res = wp_remote_post($url, [\ 'timeout' => 15,\ 'headers' => $headers,\ 'body' => $payload,\ ]);\ \ if ( is_wp_error($res) ) \{\ return new WP_REST_Response([\ 'ok' => false,\ 'error' => 'backend_unreachable',\ 'detail' => $res->get_error_message()\ ], 502);\ \}\ \ $code = wp_remote_retrieve_response_code($res);\ $body = wp_remote_retrieve_body($res);\ $out = is_string($body) && $body !== '' ? json_decode($body, true) : null;\ \ // Normalize response surface\ if (is_array($out)) \{\ $out['hmac'] = true; // we signed it here\ return new WP_REST_Response($out, ($code >= 200 && $code < 300) ? 200 : $code);\ \}\ \ return new WP_REST_Response([\ 'ok' => ($code >= 200 && $code < 300),\ 'status' => $code,\ 'raw' => $body,\ 'hmac' => true,\ ], ($code >= 200 && $code < 300) ? 200 : $code);\ \}\ ]);\ \ \});}