Directly Remove Credentials on 401

Author: n7studios

composer.json

@@ -4,7 +4,7 @@
     "type": "project",
     "license": "GPLv3",
     "require": {
-        "convertkit/convertkit-wordpress-libraries": "2.1.2"
+        "convertkit/convertkit-wordpress-libraries": "dev-add-invalid-access-token-to-hook"
     },
     "require-dev": {
         "php-webdriver/webdriver": "^1.0",

includes/class-integrate-convertkit-wpforms-admin-notices.php

@@ -0,0 +1,223 @@
+<?php
+/**
+ * ConvertKit WPForms Admin Notices class.
+ *
+ * @package ConvertKit_WPForms
+ * @author ConvertKit
+ */
+
+/**
+ * Add and remove persistent error messages across all
+ * WordPress Administration screens.
+ *
+ * @package ConvertKit_WPForms
+ * @author ConvertKit
+ */
+class Integrate_ConvertKit_WPForms_Admin_Notices {
+
+	/**
+	 * Holds the class object.
+	 *
+	 * @since   1.8.9
+	 *
+	 * @var     object
+	 */
+	private static $instance;
+
+	/**
+	 * The key prefix to use for stored notices
+	 *
+	 * @since   1.8.9
+	 *
+	 * @var     string
+	 */
+	private $key_prefix = 'integrate-convertkit-wpforms-admin-notices';
+
+	/**
+	 * Register output function to display persistent notices
+	 * in the WordPress Administration, if any exist.
+	 *
+	 * @since   1.8.9
+	 */
+	public function __construct() {
+
+		add_action( 'admin_notices', array( $this, 'output' ) );
+
+	}
+
+	/**
+	 * Output persistent notices in the WordPress Administration
+	 *
+	 * @since   1.8.9
+	 */
+	public function output() {
+
+		// Don't output if we don't have the required capabilities to fix the issue.
+		if ( ! current_user_can( 'manage_options' ) ) {
+			return;
+		}
+
+		// Bail if no notices exist.
+		$notices = get_option( $this->key_prefix );
+		if ( ! $notices ) {
+			return;
+		}
+
+		// Output notices.
+		foreach ( $notices as $notice ) {
+			switch ( $notice ) {
+				case 'authorization_failed':
+					$output = sprintf(
+						'%s %s',
+						esc_html__( 'Kit for WPForms: Authorization failed. Please', 'integrate-convertkit-wpforms' ),
+						sprintf(
+							'<a href="%s">%s</a>',
+							esc_url( admin_url( 'admin.php?page=wpforms-settings&view=integrations' ) ),
+							esc_html__( 'reconnect your Kit account.', 'integrate-convertkit-wpforms' )
+						)
+					);
+					break;
+
+				default:
+					$output = '';
+
+					/**
+					 * Define the text to output in an admin error notice.
+					 *
+					 * @since   1.8.9
+					 *
+					 * @param   string  $notice     Admin notice name.
+					 */
+					$output = apply_filters( 'integrate_convertkit_wpforms_admin_notices_output_' . $notice, $output );
+					break;
+			}
+
+			// If no output defined, skip.
+			if ( empty( $output ) ) {
+				continue;
+			}
+			?>
+			<div class="notice notice-error">
+				<p>
+					<?php
+					echo wp_kses(
+						$output,
+						wp_kses_allowed_html( 'post' )
+					);
+					?>
+				</p>
+			</div>
+			<?php
+		}
+
+	}
+
+	/**
+	 * Add a persistent notice for output in the WordPress Administration.
+	 *
+	 * @since   1.8.9
+	 *
+	 * @param   string $notice     Notice name.
+	 * @return  bool                Notice saved successfully
+	 */
+	public function add( $notice ) {
+
+		// If no other persistent notices exist, add one now.
+		if ( ! $this->exist() ) {
+			return update_option( $this->key_prefix, array( $notice ) );
+		}
+
+		// Fetch existing persistent notices.
+		$notices = $this->get();
+
+		// Add notice to existing notices.
+		$notices[] = $notice;
+
+		// Remove any duplicate notices.
+		$notices = array_values( array_unique( $notices ) );
+
+		// Update and return.
+		return update_option( $this->key_prefix, $notices );
+
+	}
+
+	/**
+	 * Returns all notices stored in the options table.
+	 *
+	 * @since   1.8.9
+	 *
+	 * @return  array
+	 */
+	public function get() {
+
+		// Fetch all notices from the options table.
+		return get_option( $this->key_prefix );
+
+	}
+
+	/**
+	 * Whether any persistent notices are stored in the option table.
+	 *
+	 * @since   1.8.9
+	 *
+	 * @return  bool
+	 */
+	public function exist() {
+
+		if ( ! $this->get() ) {
+			return false;
+		}
+
+		return true;
+
+	}
+
+	/**
+	 * Delete all persistent notices.
+	 *
+	 * @since   1.8.9
+	 *
+	 * @param   string $notice     Notice name.
+	 * @return  bool                Success
+	 */
+	public function delete( $notice ) {
+
+		// If no persistent notices exist, there's nothing to delete.
+		if ( ! $this->exist() ) {
+			return false;
+		}
+
+		// Fetch existing persistent notices.
+		$notices = $this->get();
+
+		// Remove notice from existing notices.
+		$index = array_search( $notice, $notices, true );
+		if ( $index !== false ) {
+			unset( $notices[ $index ] );
+		}
+
+		// Update and return.
+		return update_option( $this->key_prefix, $notices );
+
+	}
+
+	/**
+	 * Returns the singleton instance of the class.
+	 *
+	 * @since   1.8.9
+	 *
+	 * @return  object Class.
+	 */
+	public static function get_instance() {
+
+		if ( null === self::$instance ) {
+			self::$instance = new self();
+		}
+
+		return self::$instance;
+
+	}
+
+}
+
+new Integrate_ConvertKit_WPForms_Admin_Notices();

includes/class-integrate-convertkit-wpforms-api.php

@@ -29,6 +29,13 @@ class Integrate_ConvertKit_WPForms_API extends ConvertKit_API_V4 {
 	 */
 	public $error_messages = false;
 
+	/**
+	 * Access Token
+	 *
+	 * @var string
+	 */
+	public $access_token = '';
+
 	/**
 	 * Sets up the API with the required credentials.
 	 *

includes/class-integrate-convertkit-wpforms-resource.php

@@ -33,8 +33,34 @@ public function __construct( $api_instance, $account_id = '' ) {
 			$this->settings_name .= '_' . $account_id;
 		}
 
-		// Call parent initialization function.
-		parent::init();
+		// Get last query time and existing resources.
+		$this->last_queried = get_option( $this->settings_name . '_last_queried' );
+		$this->resources    = get_option( $this->settings_name );
+
+	}
+
+	/**
+	 * Fetches resources (custom fields, forms, sequences or tags) from the API, storing them in the options table
+	 * with a last queried timestamp.
+	 *
+	 * If the refresh results in a 401, removes the access and refresh tokens from the connection.
+	 *
+	 * @since   1.8.9
+	 *
+	 * @return  WP_Error|array
+	 */
+	public function refresh() {
+
+		// Call parent refresh method.
+		$result = parent::refresh();
+
+		// If an error occured, maybe delete credentials from the Plugin's settings
+		// if the error is a 401 unauthorized.
+		if ( is_wp_error( $result ) ) {
+			integrate_convertkit_wpforms_maybe_delete_credentials( $result, INTEGRATE_CONVERTKIT_WPFORMS_OAUTH_CLIENT_ID, $this->api->access_token );
+		}
+
+		return $result;
 
 	}
 

includes/class-integrate-convertkit-wpforms.php

@@ -667,8 +667,8 @@ public function output_accounts( $connection_id = '', $connection = array() ) {
 	}
 
 	/**
-	 * Outputs a <select> dropdown of ConvertKit Forms, allowing the user
-	 * to choose which ConvertKit Form to send form submissions to.
+	 * Outputs a <select> dropdown of Kit Forms, Sequences and Tags, allowing the user
+	 * to choose which resource to send form submissions to.
 	 *
 	 * @since   1.5.0
 	 *
@@ -691,28 +691,67 @@ public function output_lists( $connection_id = '', $connection = array() ) {
 			return '';
 		}
 
+		// Get the selected ConvertKit subscribe setting, if one was already defined.
+		$value = ! empty( $connection['list_id'] ) ? $connection['list_id'] : '';
+
+		// Initialize resource classes.
+		$forms     = new Integrate_ConvertKit_WPForms_Resource_Forms( $api, $connection['account_id'] );
+		$sequences = new Integrate_ConvertKit_WPForms_Resource_Sequences( $api, $connection['account_id'] );
+		$tags      = new Integrate_ConvertKit_WPForms_Resource_Tags( $api, $connection['account_id'] );
+
 		// Fetch Forms.
 		// We use refresh() to ensure we get the latest data, as we're in the admin interface
 		// and need to populate the select dropdown.
-		$forms = new Integrate_ConvertKit_WPForms_Resource_Forms( $api, $connection['account_id'] );
-		$forms->refresh();
+		$result = $forms->refresh();
+
+		// Return the <select> dropdown if an error occurred, so the cached resources are
+		// available for selection.
+		if ( is_wp_error( $result ) ) {
+			return $this->output_select_dropdown( $forms, $sequences, $tags, $value, $connection_id, $result->get_error_message() );
+		}
 
 		// Fetch Sequences.
 		// We use refresh() to ensure we get the latest data, as we're in the admin interface
 		// and need to populate the select dropdown.
-		$sequences = new Integrate_ConvertKit_WPForms_Resource_Sequences( $api, $connection['account_id'] );
-		$sequences->refresh();
+		$result = $sequences->refresh();
+
+		// Return the <select> dropdown if an error occurred, so the cached resources are
+		// available for selection.
+		if ( is_wp_error( $result ) ) {
+			return $this->output_select_dropdown( $forms, $sequences, $tags, $value, $connection_id, $result->get_error_message() );
+		}
 
 		// Fetch Tags.
 		// We use refresh() to ensure we get the latest data, as we're in the admin interface
 		// and need to populate the select dropdown.
-		$tags = new Integrate_ConvertKit_WPForms_Resource_Tags( $api, $connection['account_id'] );
-		$tags->refresh();
+		$result = $tags->refresh();
 
-		// Get the selected ConvertKit subscribe setting, if one was already defined.
-		$value = ! empty( $connection['list_id'] ) ? $connection['list_id'] : '';
+		// Return the <select> dropdown if an error occurred, so the cached resources are
+		// available for selection.
+		if ( is_wp_error( $result ) ) {
+			return $this->output_select_dropdown( $forms, $sequences, $tags, $value, $connection_id, $result->get_error_message() );
+		}
 
 		// Output <select> dropdown.
+		return $this->output_select_dropdown( $forms, $sequences, $tags, $value, $connection_id );
+
+	}
+
+	/**
+	 * Outputs the <select> dropdown.
+	 *
+	 * @since   1.8.9
+	 *
+	 * @param   Integrate_ConvertKit_WPForms_Resource_Forms     $forms         Forms resource.
+	 * @param   Integrate_ConvertKit_WPForms_Resource_Sequences $sequences     Sequences resource.
+	 * @param   Integrate_ConvertKit_WPForms_Resource_Tags      $tags          Tags resource.
+	 * @param   string                                          $value         Selected value.
+	 * @param   string                                          $connection_id Connection ID.
+	 * @param   string                                          $error_message Error message.
+	 * @return  string
+	 */
+	private function output_select_dropdown( $forms, $sequences, $tags, $value, $connection_id, $error_message = '' ) {
+
 		ob_start();
 		require INTEGRATE_CONVERTKIT_WPFORMS_PATH . '/views/backend/settings-form-marketing-forms-dropdown.php';
 		return ob_get_clean();
@@ -871,6 +910,10 @@ public function maybe_get_and_store_access_token() {
 			)
 		);
 
+		// Remove any existing persistent notice.
+		$admin_notices = Integrate_ConvertKit_WPForms_Admin_Notices::get_instance();
+		$admin_notices->delete( 'authorization_failed' );
+
 		// If this request is served in a popup window (i.e. from the form builder),
 		// serve a view that will close the popup.
 		if ( array_key_exists( 'convertkit-modal', $_REQUEST ) ) { // phpcs:ignore WordPress.Security.NonceVerification.Recommended
@@ -974,6 +1017,11 @@ public function api_fields( $connection_id = '', $account_id = '', $list_id = ''
 		$resource_custom_fields = new Integrate_ConvertKit_WPForms_Resource_Custom_Fields( $api, $account_id );
 		$custom_fields          = $resource_custom_fields->refresh();
 
+		// Just return fields if an error occurred.
+		if ( is_wp_error( $custom_fields ) ) {
+			return $provider_fields;
+		}
+
 		// Just return fields if no custom fields exist in ConvertKit.
 		if ( ! count( $custom_fields ) ) {
 			return $provider_fields;