intercom
diff --git a/‎.circleci/config.yml
+4-4 b/‎.circleci/config.yml
+4-4
diff --git a/‎.gitignore
+1 b/‎.gitignore
+1
diff --git a/‎bootstrap.php
+80-22 b/‎bootstrap.php
+80-22
@@ -3,21 +3,21 @@ version: 2.1
 jobs:
   build-and-test:
     docker:
-      - image: cimg/php:5.6
+      - image: cimg/php:7.2
     steps:
       - checkout
       - run:
           name: Install PHPUnit
           command: |
-            wget https://phar.phpunit.de/phpunit-4.8.9.phar
+            wget https://phar.phpunit.de/phpunit-8.5.33.phar
       - run:
           name: Make PHPUnit executable
           command: |
-            chmod +x ./phpunit-4.8.9.phar
+            chmod +x ./phpunit-8.5.33.phar
       - run:
           name: Run PHPUnit
           command: |
-            INTERCOM_PLUGIN_TEST=1 php ./phpunit-4.8.9.phar
+            INTERCOM_PLUGIN_TEST=1 php ./phpunit-8.5.33.phar
 
 workflows:
   sample:
 
@@ -1,3 +1,4 @@
 *.swo
 *.swp
 intercom-wordpress.zip
+.gitignore
@@ -5,10 +5,33 @@
 Description: Official <a href="https://www.intercom.io">Intercom</a> support for WordPress.
 Author: Intercom
 Author URI: https://www.intercom.io
-Version: 2.6.6
+Version: 3.0.0
  */
 
-class IdentityVerificationCalculator
+require_once __DIR__ . '/vendor/autoload.php';
+use Firebase\JWT\JWT;
+
+class TimeProvider
+{
+    private static $mockTime = null;
+
+    public static function setMockTime($timestamp)
+    {
+        self::$mockTime = $timestamp;
+    }
+
+    public static function resetMockTime()
+    {
+        self::$mockTime = null;
+    }
+
+    public static function getCurrentTime()
+    {
+        return self::$mockTime !== null ? self::$mockTime : time();
+    }
+}
+
+class MessengerSecurityCalculator
 {
   private $raw_data = array();
   private $secret_key = "";
@@ -19,39 +42,59 @@ public function __construct($data, $secret_key)
     $this->secret_key = $secret_key;
   }
 
-  public function identityVerificationComponent()
+  public function messengerSecurityComponent()
   {
     $secret_key = $this->getSecretKey();
+
     if (empty($secret_key))
     {
-      return $this->emptyIdentityVerificationHashComponent();
-    }
-    if (array_key_exists("user_id", $this->getRawData()))
-    {
-      return $this->identityVerificationHashComponent("user_id");
+      return $this->getRawData();
     }
-    if (array_key_exists("email", $this->getRawData()))
+    if (array_key_exists("user_id", $this->getRawData()) || array_key_exists("email", $this->getRawData()))
     {
-      return $this->identityVerificationHashComponent("email");
+      return $this->messengerSecurityJWTComponent();
     }
-    return $this->emptyIdentityVerificationHashComponent();
-  }
 
-  private function emptyIdentityVerificationHashComponent()
-  {
-    return array();
+    return $this->getRawData();
   }
 
-  private function identityVerificationHashComponent($key)
+  private function messengerSecurityJWTComponent()
   {
     $raw_data = $this->getRawData();
-    return array("user_hash" => hash_hmac("sha256", $raw_data[$key], $this->getSecretKey()));
+
+    $filtered_data = $raw_data;
+    $payload = array();
+
+    if (array_key_exists("email", $filtered_data)) {
+      unset($filtered_data["email"]);
+      $payload["user_id"] = $raw_data["email"];
+      $payload["email"] = $raw_data["email"];
+    }
+    if (array_key_exists("user_id", $filtered_data)) {
+      unset($filtered_data["user_id"]);
+      $payload["user_id"] = $raw_data["user_id"];
+    }
+    if (array_key_exists("name", $filtered_data)) {
+      unset($filtered_data["name"]);
+      $payload["name"] = $raw_data["name"];
+    }
+
+    $payload = array_merge($payload, apply_filters("intercom_sensitive_attributes", array()));
+    $payload["exp"] = TimeProvider::getCurrentTime() + 3600;
+
+    $filtered_data["intercom_user_jwt"] = JWT::encode(
+      $payload, $this->getSecretKey(),
+      'HS256'
+    );
+
+    return $filtered_data;
   }
 
   private function getSecretKey()
   {
     return $this->secret_key;
   }
+
   private function getRawData()
   {
     return $this->raw_data;
@@ -357,10 +400,9 @@ public function appId()
   private function getRawData()
   {
     $user = new IntercomUser($this->wordpress_user, $this->raw_data);
-    $settings = apply_filters("intercom_settings", $user->buildSettings());
-    $identityVerificationCalculator = new IdentityVerificationCalculator($settings, $this->secret);
-    $result = array_merge($settings, $identityVerificationCalculator->identityVerificationComponent());
-    $result = $this->mergeConstants($result);
+    $messengerSecurityCalculator = new MessengerSecurityCalculator($user->buildSettings(), $this->secret);
+    $settings = $messengerSecurityCalculator->messengerSecurityComponent();
+    $result = $this->mergeConstants(apply_filters("intercom_settings", $settings));
     $result['installation_type'] = 'wordpress';
     return $result;
   }
@@ -385,7 +427,19 @@ private function validateRawData($raw_data)
 }
 
 if (getenv('INTERCOM_PLUGIN_TEST') == '1' && !function_exists('apply_filters')) {
-  function apply_filters($_, $value) {
+  function apply_filters($key, $value) {
+    if ($key == "intercom_sensitive_attributes") {
+      $extra_data_key = 'INTERCOM_PLUGIN_TEST_JWT_DATA';
+    } elseif ($key == "intercom_settings") {
+      $extra_data_key = 'INTERCOM_PLUGIN_TEST_SETTINGS';
+    }
+
+    $extra_data = getenv($extra_data_key);
+    if ($extra_data) {
+      $extra_data = json_decode($extra_data, true);
+      return array_merge($value, $extra_data);
+    }
+
     return $value;
   }
 }
@@ -436,6 +490,10 @@ public function buildSettings()
     {
       $this->settings["email"] = WordPressEscaper::escJS($this->wordpress_user->user_email);
     }
+    if (!empty($this->wordpress_user->ID))
+    {
+      $this->settings["user_id"] = WordPressEscaper::escJS($this->wordpress_user->ID);
+    }
     if (!empty($this->wordpress_user->display_name))
     {
       $this->settings["name"] = WordPressEscaper::escJS($this->wordpress_user->display_name);