Forms: Add jwt filter (#45731)

* Forms: Add forms jwt filter

Introduces  filter to allow customization of the secret used for signing contact form JWT tokens. Falls back to the default secret if the filter does not return a value.

* changelog

* Update the copy and check that we are returning a string from the filter.

* fix to be plural

Author: enejb

projects/packages/forms/changelog/add-jwt-forms-filter

@@ -0,0 +1,4 @@
+Significance: minor
+Type: added
+
+Forms: add a new jwt filter

projects/packages/forms/src/contact-form/class-contact-form.php

@@ -389,6 +389,19 @@ public static function compute_id( $attributes, $post = null, $page_number = 1 )
 	 * @return string The secret from the Tokens class, or a default secret if not available.
 	 */
 	private static function get_secret() {
+
+		/**
+		 * Filter the secret used for signing contact form JWT tokens.
+		 *
+		 * @param string $secret Passes a empty string by default so that we can fall back to other methods if the filter is not used.
+		 *
+		 * @return string The secret used for signing contact form JWT tokens.
+		 */
+		$secret = apply_filters( 'jetpack_forms_secret_jwt', '' );
+		if ( is_string( $secret ) && ! empty( $secret ) ) {
+			return $secret;
+		}
+
 		$token          = ( new Tokens() )->get_access_token();
 		$default_secret = hash_hmac( 'md5', get_option( 'admin_email' ), JETPACK__VERSION );