JSON API: Private metadata not available for authenticated user

[kraftbj]

Per https://developer.wordpress.com/2013/04/26/custom-post-type-and-metadata-support-in-the-rest-api/ , private metadata should be available when requested by an authenticated user with rights to edit the post. This appears to not be happening.

Steps to reproduce:

0. Have a post with private meta data (e.g. _private_meta_key).
1. Via the https://developer.wordpress.com/console/ while logged into the wpcom user that owns the JP connection and is the author of the post (thus no question has the cap), query /v1.1/sites/$site//posts/$ID

Expected: The metadata array includes _private_meta_key.

Actual: It does not.

Further testing, if the key is specifically whitelisted by rest_api_allowed_public_metadata, it is included (expected), so my first thought is https://github.com/Automattic/jetpack/blob/3.8.0/json-endpoints/class.wpcom-json-api-post-endpoint.php#L448 is failing.

[stale[bot]]

This issue has been marked as stale. This happened because:

• It has been inactive in the past 6 months.
• It hasn’t been labeled `[Pri] Blocker`, `[Pri] High`.

No further action is needed. But it's worth checking if this ticket has clear reproduction steps and it is still reproducible. Feel free to close this issue if you think it's not valid anymore — if you do, please add a brief explanation.