Merge pull request #91 from Kit/get-access-token-by-api-secret-tenant-name-support

n7studios · web-flow · commit c5af1352e52d · 2025-03-18T09:55:40.000+08:00
Add `tenant_name` support for `accounts/oauth_access_token`
diff --git a/src/class-convertkit-api-v4.php b/src/class-convertkit-api-v4.php
@@ -481,21 +481,25 @@ public function refresh_token() {
 	 *
 	 * @since   2.0.0
 	 *
-	 * @param   string $api_key    API Key.
-	 * @param   string $api_secret API Secret.
+	 * @param   string      $api_key        API Key.
+	 * @param   string      $api_secret     API Secret.
+	 * @param   bool|string $tenant_name    Tenant Name (if specified, issues tokens specific to that name. Useful for using the same account on multiple sites).
 	 * @return  WP_Error|array
 	 */
-	public function get_access_token_by_api_key_and_secret( $api_key, $api_secret ) {
+	public function get_access_token_by_api_key_and_secret( $api_key, $api_secret, $tenant_name = '' ) {
 
-		return $this->post(
-			'accounts/oauth_access_token',
-			array(
-				'api_key'    => $api_key,
-				'api_secret' => $api_secret,
-				'client_id'  => $this->client_id,
-			)
+		$args = array(
+			'api_key'    => $api_key,
+			'api_secret' => $api_secret,
+			'client_id'  => $this->client_id,
 		);
 
+		if ( $tenant_name ) {
+			$args['tenant_name'] = $tenant_name;
+		}
+
+		return $this->post( 'accounts/oauth_access_token', $args );
+
 	}
 
 	/**
diff --git a/tests/wpunit/APITest.php b/tests/wpunit/APITest.php
@@ -636,6 +636,27 @@ public function testGetAccessTokenByAPIKeyAndSecretWithBlankClientID()
 		$this->assertEquals($result->get_error_code(), $this->errorCode);
 	}
 
+	/**
+	 * Test that fetching an Access Token using a tenant_name parameter returns the expected data.
+	 *
+	 * @since   2.0.7
+	 */
+	public function testGetAccessTokenByAPIKeyAndSecretWithTenantName()
+	{
+		$api    = new ConvertKit_API_V4( $_ENV['CONVERTKIT_OAUTH_CLIENT_ID'], $_ENV['CONVERTKIT_OAUTH_REDIRECT_URI'] );
+		$result = $api->get_access_token_by_api_key_and_secret(
+			$_ENV['CONVERTKIT_API_KEY'],
+			$_ENV['CONVERTKIT_API_SECRET'],
+			'https://example.com'
+		);
+		$this->assertNotInstanceOf(WP_Error::class, $result);
+		$this->assertIsArray($result);
+		$this->assertArrayHasKey('oauth', $result);
+		$this->assertArrayHasKey('access_token', $result['oauth']);
+		$this->assertArrayHasKey('refresh_token', $result['oauth']);
+		$this->assertArrayHasKey('expires_at', $result['oauth']);
+	}
+
 	/**
 	 * Test that supplying valid API credentials to the API class returns the expected account information.
 	 *
