A worpdress plugin for making the hubspot API publically available from the wordpress API. It supports getting a form, getting all formssubmit form with recaptcha, upload attahced files,

index.php

<?php 
/*
Plugin Name:  Hubspot API
Description:  Plugin to make the hubspot API available from WordPress
Author:       Steven K
Author URI:   https://www.stevenkoerts.nl
*/

// Demo form: 233bb53d-071f-4d39-8859-f041855bbbd4, API_KEY: demo

// Just a random string to protect some private API methods
$SECRET = "<MAKE THIS VERY RANDOM>";

function render_hubspot_key_field() {
  $h_api_key = get_option('hubspot_api_key');
  echo "<input class='regular-text' name='hubspot_api_key' type='string' value='$h_api_key'>";
}

function render_captcha_key_field () {
  $recaptcha_secret = get_option('recaptcha_secret');
  echo "<input class='regular-text' name='recaptcha_secret' type='string' value='$recaptcha_secret'>";
}

function register_api_settings() {
  register_setting("general", "hubspot_api_key", array(
    'type' => 'string', 
    'description' => "The API key from Hubspot, put 'demo' to connect to the free demo api for testing.",
    'show_in_rest' => false, 
    'default' => 'demo',
  ));

  register_setting("general", "recaptcha_secret", array(
    'type' => 'string', 
    'description' => "The secret key for ReCaptcha, the site key can be found in the code.",
    'show_in_rest' => false, 
    'default' => '6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe',
  ));

  add_settings_field("hubspot_api_key", "Hubspot API key", 'render_hubspot_key_field', 'general');
  add_settings_field("recaptcha_secret", "ReCaptcha Secret", 'render_captcha_key_field', 'general');

  add_option('hubspot_api_key', 'demo');
  add_option('recaptcha_secret', '6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe');
}

add_action('admin_init', 'register_api_settings');




function get_all_forms() {
  $url = "https://api.hubapi.com/forms/v2/forms?hapikey=" . get_option('hubspot_api_key') . "";
  $response = file_get_contents($url);
  return json_decode($response);
}


function get_form_by_id( $data) {
  $url = "https://api.hubapi.com/forms/v2/forms/" . $data["id"] . "/?hapikey=" . get_option('hubspot_api_key') . "";

  $response = file_get_contents($url);
  return json_decode($response);
}


function get_form_submissions($data) {
  global $SECRET;
  if (!isset($_GET['secret']) and $_GET['secret'] !== $SECRET) {
    return json_decode('{"error": "Unauthorized"}');
  }
  $url = "https://api.hubapi.com/form-integrations/v1/submissions/forms/" . $data["id"] . "/?hapikey=" . get_option('hubspot_api_key') . "";
  $response = file_get_contents($url);
  return json_decode($response);
}

function check_recaptcha($token) {
  $curl = curl_init();

curl_setopt_array($curl, array(
  CURLOPT_URL => 'https://www.google.com/recaptcha/api/siteverify?secret=' . get_option('recaptcha_secret') . '&response=' . $token . '',
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => '',
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 0,
  CURLOPT_FOLLOWLOCATION => true,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => 'POST',
));

$response = curl_exec($curl);

curl_close($curl);
return json_decode($response)["success"] === true;
}


function submit_hubspot_form() {
  $portal_id = $_GET["portal_id"];
  $form_id = $_GET["form_id"];

  // Captcha check
  $captcha = $_GET["captcha"];
  if (!isset($captcha) and !check_recaptcha($captcha)) {
    return json_decode('{"error": "Sorry ReCaptcha check failed, are you human?"}');
  }

  $body = file_get_contents('php://input');

  if (isset($portal_id) and isset($form_id)) {
    $curl = curl_init();

    curl_setopt_array($curl, array(
      CURLOPT_URL => 'https://api.hsforms.com/submissions/v3/integration/submit/' . $portal_id . '/' . $form_id . '',
      CURLOPT_RETURNTRANSFER => true,
      CURLOPT_ENCODING => '',
      CURLOPT_MAXREDIRS => 10,
      CURLOPT_TIMEOUT => 0,
      CURLOPT_FOLLOWLOCATION => true,
      CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
      CURLOPT_CUSTOMREQUEST => 'POST',
      CURLOPT_POSTFIELDS => $body,
      CURLOPT_HTTPHEADER => array(
        'hutk: '.$_COOKIE["hubspotutk"].'',
        'Content-Type: application/json'
      ),
    ));
    
    $response = curl_exec($curl);
    
    curl_close($curl);
    return json_decode($response);
  }
  return json_decode('{"error": "Invalid query params"}');
 
}


// https://legacydocs.hubspot.com/docs/methods/files/v3/upload_new_file 
function upload_file() {
  $file = $_FILES['file'];
  $fileName = isset($_POST['fileName']) ? $_POST['fileName'] : $file["name"];
  $folder = isset($_POST['folder']) ? $_POST['folder'] : 'uploads'; 
  $access = isset($_POST['access']) ? $_POST['access'] : 'PUBLIC_INDEXABLE';

  // Captcha check
  $captcha = $_GET["captcha"];
  if (!isset($captcha) and !check_recaptcha($captcha)) {
    return json_decode('{"error": "Sorry ReCaptcha check failed, are you human?"}');
  }
  
  // The code below is generated from a configuration in Postman
  $curl = curl_init();
  
  curl_setopt_array($curl, array(
    CURLOPT_URL => 'https://api.hubapi.com/filemanager/api/v3/files/upload?hapikey=' . get_option('hubspot_api_key') . "",
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_ENCODING => '',
    CURLOPT_MAXREDIRS => 10,
    CURLOPT_TIMEOUT => 0,
    CURLOPT_FOLLOWLOCATION => true,
    CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
    CURLOPT_CUSTOMREQUEST => 'POST',
    CURLOPT_POSTFIELDS => array('fileName' => $fileName, 'file'=> new CURLFILE($file['tmp_name']),'options' => '{"access": "' . $access . '", "overwrite": false}','folderPath' => $folder),
    CURLOPT_HTTPHEADER => array(
      'Accept: application/json'
    ),
  ));
  
  $response = curl_exec($curl);
  
  curl_close($curl);
  echo $response;
}


function get_folders() {
  global $SECRET;
  if (!isset($_GET['secret']) and $_GET['secret'] !== $SECRET) {
    return json_decode('{"error": "Unauthorized"}');
  }
  $url = "https://api.hubapi.com/filemanager/api/v2/folders/?hapikey=" . get_option('hubspot_api_key') . "";
  $response = file_get_contents($url);
  return json_decode($response);
}

function get_files_in_folder() {
  global $SECRET;
  if (!isset($_GET['secret']) and $_GET['secret'] !== $SECRET) {
    return json_decode('{"error": "Unauthorized"}');
  }
  $url = "https://api.hubapi.com/filemanager/api/v3/files/?hapikey=" . get_option('hubspot_api_key') . (isset($_GET['folder_id']) ? "&folder_id=" . $_GET["folder_id"] : "") . "";
  $response = file_get_contents($url); 
  return json_decode($response);
}



add_action( 'rest_api_init', function () {

  // Get by id 
  register_rest_route( 'hubspot/v1', '/getForm/(?P<id>([a-z0-9]*-?)+)', array(
    'methods' => 'GET',
    'callback' => 'get_form_by_id',
  ) );

  // Get all forms
  register_rest_route( 'hubspot/v1', '/getForms/', array(
    'methods' => 'GET',
    'callback' => 'get_all_forms',
  ) );

  //Get form submissions 
  register_rest_route( 'hubspot/v1', '/getSubmissions/(?P<id>([a-z0-9]*-?)+)', array(
    'methods' => 'GET',
    'callback' => 'get_form_submissions',
  ) );

  //Upload file 
  register_rest_route( 'hubspot/v1', '/uploadFile/', array(
      'methods' => 'POST',
      'callback' => 'upload_file',
  ) );

  //get folders 
  register_rest_route( 'hubspot/v1', '/folders/', array(
      'methods' => 'GET',
      'callback' => 'get_folders',
  ) );

  // get folder content 
  register_rest_route( 'hubspot/v1', '/folder_content/', array(
    'methods' => 'GET',
    'callback' => 'get_files_in_folder',
) );

  // submit form
  register_rest_route( 'hubspot/v1', '/submit_form/', array(
    'methods' => 'POST',
    'callback' => 'submit_hubspot_form',
) );

} );

?>