diff --git a/includes/class-convertkit-settings.php b/includes/class-convertkit-settings.php index d74a5e47c..a714b5610 100644 --- a/includes/class-convertkit-settings.php +++ b/includes/class-convertkit-settings.php @@ -45,14 +45,6 @@ public function __construct() { $this->settings = array_merge( $this->get_defaults(), $settings ); } - // Update Access Token when refreshed by the API class. - add_action( 'convertkit_api_get_access_token', array( $this, 'update_credentials' ), 10, 2 ); - add_action( 'convertkit_api_refresh_token', array( $this, 'update_credentials' ), 10, 2 ); - - // Delete credentials if the API class uses a invalid access token. - // This prevents the Plugin making repetitive API requests that will 401. - add_action( 'convertkit_api_access_token_invalid', array( $this, 'maybe_delete_credentials' ), 10, 2 ); - } /** @@ -183,6 +175,9 @@ public function has_api_key_and_secret() { */ public function get_access_token() { + // Reload settings from options table, to ensure we have the latest tokens. + $this->refresh_settings(); + // Return Access Token from settings. return $this->settings['access_token']; @@ -210,6 +205,9 @@ public function has_access_token() { */ public function get_refresh_token() { + // Reload settings from options table, to ensure we have the latest tokens. + $this->refresh_settings(); + // Return Refresh Token from settings. return $this->settings['refresh_token']; @@ -622,16 +620,9 @@ public function get_defaults() { * * @since 2.8.3 * - * @param array $result New Access Token, Refresh Token and Expiry. - * @param string $client_id OAuth Client ID used for the Access and Refresh Tokens. + * @param array $result New Access Token, Refresh Token and Expiry. */ - public function update_credentials( $result, $client_id ) { - - // Don't save these credentials if they're not for this Client ID. - // They're for another Kit Plugin that uses OAuth. - if ( $client_id !== CONVERTKIT_OAUTH_CLIENT_ID ) { - return; - } + public function update_credentials( $result ) { // Remove any existing persistent notice. WP_ConvertKit()->get_class( 'admin_notices' )->delete( 'authorization_failed' ); @@ -652,34 +643,6 @@ public function update_credentials( $result, $client_id ) { } - /** - * Deletes the stored access token, refresh token and its expiry from the Plugin settings, - * and clears any existing scheduled WordPress Cron event to refresh the token on expiry, - * when either: - * - The access token is invalid - * - The access token expired, and refreshing failed - * - * @since 3.1.0 - * - * @param WP_Error $result Error result. - * @param string $client_id OAuth Client ID used for the Access and Refresh Tokens. - */ - public function maybe_delete_credentials( $result, $client_id ) { - - // Don't delete these credentials if they're not for this Client ID. - // They're for another Kit Plugin that uses OAuth. - if ( $client_id !== CONVERTKIT_OAUTH_CLIENT_ID ) { - return; - } - - // Persist an error notice in the WordPress Administration until the user fixes the problem. - WP_ConvertKit()->get_class( 'admin_notices' )->add( 'authorization_failed' ); - - // Delete the credentials from the Plugin settings. - $this->delete_credentials(); - - } - /** * Deletes any existing access token, refresh token and its expiry from the Plugin settings, * and clears any existing scheduled WordPress Cron event to refresh the token on expiry. @@ -713,7 +676,25 @@ public function save( $settings ) { update_option( self::SETTINGS_NAME, array_merge( $this->get(), $settings ) ); // Reload settings in class, to reflect changes. - $this->settings = get_option( self::SETTINGS_NAME ); + $this->refresh_settings(); + + } + + /** + * Reloads settings from the options table so this instance has the latest values. + * + * @since 3.1.1 + */ + private function refresh_settings() { + + $settings = get_option( self::SETTINGS_NAME ); + + if ( ! $settings ) { + $this->settings = $this->get_defaults(); + return; + } + + $this->settings = array_merge( $this->get_defaults(), $settings ); } diff --git a/includes/functions.php b/includes/functions.php index 0e712f469..771ab345f 100644 --- a/includes/functions.php +++ b/includes/functions.php @@ -690,3 +690,61 @@ function convertkit_kses_allowed_html() { return array_merge( $elements, $form_elements ); } + +/** + * Saves the new access token, refresh token and its expiry, and schedules + * a WordPress Cron event to refresh the token on expiry. + * + * @since 3.1.1 + * + * @param array $result New Access Token, Refresh Token and Expiry. + * @param string $client_id OAuth Client ID used for the Access and Refresh Tokens. + */ +function convertkit_maybe_update_credentials( $result, $client_id ) { + + // Don't save these credentials if they're not for this Client ID. + // They're for another Kit Plugin that uses OAuth. + if ( $client_id !== CONVERTKIT_OAUTH_CLIENT_ID ) { + return; + } + + $settings = new ConvertKit_Settings(); + $settings->update_credentials( $result ); + +} + +/** + * Deletes the stored access token, refresh token and its expiry from the Plugin settings, + * and clears any existing scheduled WordPress Cron event to refresh the token on expiry, + * when either: + * - The access token is invalid + * - The access token expired, and refreshing failed + * + * @since 3.1.1 + * + * @param WP_Error $result Error result. + * @param string $client_id OAuth Client ID used for the Access and Refresh Tokens. + */ +function convertkit_maybe_delete_credentials( $result, $client_id ) { + + // Don't save these credentials if they're not for this Client ID. + // They're for another Kit Plugin that uses OAuth. + if ( $client_id !== CONVERTKIT_OAUTH_CLIENT_ID ) { + return; + } + + // Persist an error notice in the WordPress Administration until the user fixes the problem. + WP_ConvertKit()->get_class( 'admin_notices' )->add( 'authorization_failed' ); + + $settings = new ConvertKit_Settings(); + $settings->delete_credentials(); + +} + +// Update Access Token when refreshed by the API class. +add_action( 'convertkit_api_get_access_token', 'convertkit_maybe_update_credentials', 10, 2 ); +add_action( 'convertkit_api_refresh_token', 'convertkit_maybe_update_credentials', 10, 2 ); + +// Delete credentials if the API class uses a invalid access token. +// This prevents the Plugin making repetitive API requests that will 401. +add_action( 'convertkit_api_access_token_invalid', 'convertkit_maybe_delete_credentials', 10, 2 );