From 692a4b3bcbdf7dbad9ea9d301266568dbaaf9688 Mon Sep 17 00:00:00 2001 From: Tim Carr Date: Fri, 27 Jun 2025 08:39:16 +0800 Subject: [PATCH 1/4] OAuth: Automatically Refresh Token relative to current time --- includes/class-convertkit-settings.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/includes/class-convertkit-settings.php b/includes/class-convertkit-settings.php index bad085f26..d141eb955 100644 --- a/includes/class-convertkit-settings.php +++ b/includes/class-convertkit-settings.php @@ -521,7 +521,7 @@ public function update_credentials( $result, $client_id ) { array( 'access_token' => $result['access_token'], 'refresh_token' => $result['refresh_token'], - 'token_expires' => ( $result['created_at'] + $result['expires_in'] ), + 'token_expires' => ( time() + $result['expires_in'] ), ) ); @@ -529,7 +529,7 @@ public function update_credentials( $result, $client_id ) { wp_clear_scheduled_hook( 'convertkit_refresh_token' ); // Schedule a WordPress Cron event to refresh the token on expiry. - wp_schedule_single_event( ( $result['created_at'] + $result['expires_in'] ), 'convertkit_refresh_token' ); + wp_schedule_single_event( ( time() + $result['expires_in'] ), 'convertkit_refresh_token' ); } From b45913af1ca072f5d2190ca5bb0404f932465d02 Mon Sep 17 00:00:00 2001 From: Tim Carr Date: Fri, 27 Jun 2025 08:43:55 +0800 Subject: [PATCH 2/4] Update tests to define static `created_at` --- tests/Integration/APITest.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/Integration/APITest.php b/tests/Integration/APITest.php index 9f7e44d55..be9ed8be2 100644 --- a/tests/Integration/APITest.php +++ b/tests/Integration/APITest.php @@ -211,8 +211,8 @@ public function mockTokenResponse( $response, $parsed_args, $url ) 'access_token' => $_ENV['CONVERTKIT_OAUTH_ACCESS_TOKEN'], 'refresh_token' => $_ENV['CONVERTKIT_OAUTH_REFRESH_TOKEN'], 'token_type' => 'bearer', - 'created_at' => $this->now, - 'expires_in' => 10000, + 'created_at' => 1735660800, // When the access token was created. + 'expires_in' => 10000, // When the access token will expire, relative to the time the request was made. 'scope' => 'public', ) ), From 7f48c6daebf9895a5323ca316d893ed13fe8edd8 Mon Sep 17 00:00:00 2001 From: Tim Carr Date: Fri, 27 Jun 2025 08:59:27 +0800 Subject: [PATCH 3/4] Tests: Use time(), to reflect time() used in `wp_schedule_single_event` --- tests/Integration/APITest.php | 17 ++--------------- 1 file changed, 2 insertions(+), 15 deletions(-) diff --git a/tests/Integration/APITest.php b/tests/Integration/APITest.php index be9ed8be2..11137c893 100644 --- a/tests/Integration/APITest.php +++ b/tests/Integration/APITest.php @@ -27,16 +27,6 @@ class APITest extends WPTestCase */ private $api; - /** - * Holds the current timestamp, defined in setUp to fix - * it for all tests. - * - * @since 2.8.3 - * - * @var int - */ - private $now = 0; - /** * Performs actions before each test. * @@ -46,9 +36,6 @@ public function setUp(): void { parent::setUp(); - // Set the current timestamp to the start of the test. - $this->now = strtotime( 'now' ); - // Activate Plugin, to include the Plugin's constants in tests. activate_plugins('convertkit/wp-convertkit.php'); @@ -118,7 +105,7 @@ public function testCronEventCreatedWhenAccessTokenObtained() // Confirm the Cron event to refresh the access token was created, and the timestamp to // run the refresh token call matches the expiry of the access token. $nextScheduledTimestamp = wp_next_scheduled( 'convertkit_refresh_token' ); - $this->assertEquals( $nextScheduledTimestamp, $this->now + 10000 ); + $this->assertGreaterThanOrEqual( $nextScheduledTimestamp, time() + 10000 ); } /** @@ -138,7 +125,7 @@ public function testCronEventCreatedWhenTokenRefreshed() // Confirm the Cron event to refresh the access token was created, and the timestamp to // run the refresh token call matches the expiry of the access token. $nextScheduledTimestamp = wp_next_scheduled( 'convertkit_refresh_token' ); - $this->assertEquals( $nextScheduledTimestamp, $this->now + 10000 ); + $this->assertGreaterThanOrEqual( $nextScheduledTimestamp, time() + 10000 ); } /** From 3cfb626dff53ea97b00db3819c34a6ec4af516bd Mon Sep 17 00:00:00 2001 From: Tim Carr Date: Fri, 27 Jun 2025 09:06:31 +0800 Subject: [PATCH 4/4] Replace `created_at` with `time()` when defining `token_expires` --- admin/section/class-convertkit-admin-section-oauth.php | 2 +- .../setup-wizard/class-convertkit-admin-setup-wizard-plugin.php | 2 +- includes/cron-functions.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/admin/section/class-convertkit-admin-section-oauth.php b/admin/section/class-convertkit-admin-section-oauth.php index 3de9b23b6..deaa08541 100644 --- a/admin/section/class-convertkit-admin-section-oauth.php +++ b/admin/section/class-convertkit-admin-section-oauth.php @@ -86,7 +86,7 @@ private function maybe_get_and_store_access_token() { array( 'access_token' => $result['access_token'], 'refresh_token' => $result['refresh_token'], - 'token_expires' => ( $result['created_at'] + $result['expires_in'] ), + 'token_expires' => ( time() + $result['expires_in'] ), ) ); diff --git a/admin/setup-wizard/class-convertkit-admin-setup-wizard-plugin.php b/admin/setup-wizard/class-convertkit-admin-setup-wizard-plugin.php index 9eb00881b..ed2d38deb 100644 --- a/admin/setup-wizard/class-convertkit-admin-setup-wizard-plugin.php +++ b/admin/setup-wizard/class-convertkit-admin-setup-wizard-plugin.php @@ -243,7 +243,7 @@ public function process_form( $step ) { array( 'access_token' => $result['access_token'], 'refresh_token' => $result['refresh_token'], - 'token_expires' => ( $result['created_at'] + $result['expires_in'] ), + 'token_expires' => ( time() + $result['expires_in'] ), ) ); break; diff --git a/includes/cron-functions.php b/includes/cron-functions.php index 0bbc7e77d..b4c13e99f 100644 --- a/includes/cron-functions.php +++ b/includes/cron-functions.php @@ -47,7 +47,7 @@ function convertkit_refresh_token() { array( 'access_token' => $result['access_token'], 'refresh_token' => $result['refresh_token'], - 'token_expires' => ( $result['created_at'] + $result['expires_in'] ), + 'token_expires' => ( time() + $result['expires_in'] ), ) );