Update API class to use access token if it is available.

Author: iamdharmesh

includes/class-mailchimp-admin.php

@@ -124,7 +124,7 @@ public function finish_oauth_process() {
 			if ( $result && ! empty( $result['access_token'] ) && ! empty( $result['data_center'] ) ) {
 				// Clean up the old data.
 				delete_option( 'mailchimp_sf_access_token' );
-				delete_option( 'mailchimp_sf_data_center' );
+				delete_option( 'mc_datacenter' );
 
 				delete_site_transient( 'mailchimp_sf_oauth_secret' );
 
@@ -172,7 +172,7 @@ public function verify_and_save_oauth_token( $access_token, $data_center ) {
 			$access_token    = $data_encryption->encrypt( $access_token );
 
 			update_option( 'mailchimp_sf_access_token', $access_token );
-			update_option( 'mailchimp_sf_data_center', $data_center );
+			update_option( 'mc_datacenter', $data_center );
 			update_option( 'mc_user', $user );
 			return true;
 

lib/mailchimp/mailchimp.php

@@ -10,6 +10,13 @@
  */
 class MailChimp_API {
 
+	/**
+	 * The access token.
+	 *
+	 * @var string
+	 */
+	public $access_token;
+
 	/**
 	 * The API key
 	 *
@@ -34,26 +41,34 @@ class MailChimp_API {
 	/**
 	 * Initialize the class
 	 *
-	 * @param  string $api_key The API key.
-	 * @throws Exception If no api key is set
+	 * @param  string $access_token Access token or API key. If data center is not provided, we'll assume that this is an API key.
+	 * @param  string $data_center  The data center. If not provided, we'll assume the data center is in the API key itself.
+	 * @throws Exception If no api key or access token is set
 	 */
-	public function __construct( $api_key ) {
-		$api_key = trim( $api_key );
-		if ( ! $api_key ) {
+	public function __construct( $access_token, $data_center = '' ) {
+		$access_token = trim( $access_token );
+		if ( ! $access_token ) {
 			throw new Exception(
 				esc_html(
 					sprintf(
-						/* translators: %s: api key */
-						__( 'Invalid API Key: %s', 'mailchimp' ),
-						$api_key
+						/* translators: %s: access token */
+						__( 'Invalid Access Token or API key: %s', 'mailchimp' ),
+						$access_token
 					)
 				)
 			);
 		}
 
-		$this->key        = $api_key;
-		$dc               = explode( '-', $api_key );
-		$this->datacenter = empty( $dc[1] ) ? 'us1' : $dc[1];
+		// No data center provided, so we'll assume it's in the API key.
+		if ( ! $data_center ) {
+			$this->key              = $access_token;
+			$dc                     = explode( '-', $access_token );
+			$this->datacenter       = empty( $dc[1] ) ? 'us1' : $dc[1];
+		} else {
+			$this->access_token  = $access_token;
+			$this->datacenter    = $data_center;
+		}
+
 		$this->api_url    = 'https://' . $this->datacenter . '.api.mailchimp.com/3.0/';
 	}
 
@@ -84,12 +99,20 @@ public function get( $endpoint, $count = 10, $fields = array() ) {
 			$url .= "?{$query_params}";
 		}
 
+		$headers = array();
+		// If we have an access token, use that, otherwise use the API key.
+		if ( $this->access_token ) {
+			$headers['Authorization'] = 'Bearer ' . $this->access_token;
+		} else {
+			$headers['Authorization'] = 'apikey ' . $this->key;
+		}
+
 		$args = array(
 			'timeout'     => 5,
 			'redirection' => 5,
 			'httpversion' => '1.1',
 			'user-agent'  => 'Mailchimp WordPress Plugin/' . get_bloginfo( 'url' ),
-			'headers'     => array( 'Authorization' => 'apikey ' . $this->key ),
+			'headers'     => $headers,
 		);
 
 		$request = wp_remote_get( $url, $args );
@@ -120,13 +143,21 @@ public function get( $endpoint, $count = 10, $fields = array() ) {
 	public function post( $endpoint, $body, $method = 'POST' ) {
 		$url = $this->api_url . $endpoint;
 
+		$headers = array();
+		// If we have an access token, use that, otherwise use the API key.
+		if ( $this->access_token ) {
+			$headers['Authorization'] = 'Bearer ' . $this->access_token;
+		} else {
+			$headers['Authorization'] = 'apikey ' . $this->key;
+		}
+
 		$args    = array(
 			'method'      => $method,
 			'timeout'     => 5,
 			'redirection' => 5,
 			'httpversion' => '1.1',
 			'user-agent'  => 'Mailchimp WordPress Plugin/' . get_bloginfo( 'url' ),
-			'headers'     => array( 'Authorization' => 'apikey ' . $this->key ),
+			'headers'     => $headers,
 			'body'        => wp_json_encode( $body ),
 		);
 		$request = wp_remote_post( $url, $args );

mailchimp.php

@@ -49,6 +49,9 @@
 	require_once $path . 'lib/mailchimp/mailchimp.php';
 }
 
+// Encryption utility class.
+require_once plugin_dir_path( __FILE__ ) . 'includes/class-mailchimp-data-encryption.php';
+
 // includes the widget code so it can be easily called either normally or via ajax
 require_once 'mailchimp_widget.php';
 
@@ -58,8 +61,8 @@
 // Upgrade routines.
 require_once 'mailchimp_upgrade.php';
 
-// Init Admin functions
-require_once plugin_dir_path( __FILE__ ) . 'includes/mailchimp-admin.php';
+// Init Admin functions.
+require_once plugin_dir_path( __FILE__ ) . 'includes/class-mailchimp-admin.php';
 $admin = new MailChimp_Admin();
 $admin->init();
 
@@ -149,18 +152,22 @@ function mailchimp_admin_page_scripts( $hook_suffix ) {
 		return;
 	}
 
-	wp_enqueue_style( 'mailchimp_sf_admin_css', MCSF_URL . 'css/admin.css', array(), true );
+	wp_enqueue_style( 'mailchimp_sf_admin_css', MCSF_URL . 'css/admin.css', array( 'wp-jquery-ui-dialog' ), true );
 	wp_enqueue_script( 'showMe', MCSF_URL . 'js/hidecss.js', array( 'jquery' ), MCSF_VER, true );
-	wp_enqueue_script( 'mailchimp_sf_admin', MCSF_URL . 'js/admin.js', array( 'jquery' ), MCSF_VER, true );
+	wp_enqueue_script( 'mailchimp_sf_admin', MCSF_URL . 'js/admin.js', array( 'jquery', 'jquery-ui-dialog' ), MCSF_VER, true );
 
 	wp_localize_script(
 		'mailchimp_sf_admin',
 		'mailchimp_sf_admin_params',
 		array(
-			'ajax_url'           => esc_url( admin_url( 'admin-ajax.php' ) ),
-			'oauth_start_nonce'  => wp_create_nonce( 'mailchimp_sf_oauth_start_nonce' ),
-			'oauth_finish_nonce' => wp_create_nonce( 'mailchimp_sf_oauth_finish_nonce' ),
-			'oauth_window_name'  => esc_html__( 'Mailchimp For WordPress OAuth', 'mailchimp' ),
+			'ajax_url'               => esc_url( admin_url( 'admin-ajax.php' ) ),
+			'oauth_start_nonce'      => wp_create_nonce( 'mailchimp_sf_oauth_start_nonce' ),
+			'oauth_finish_nonce'     => wp_create_nonce( 'mailchimp_sf_oauth_finish_nonce' ),
+			'oauth_window_name'      => esc_html__( 'Mailchimp For WordPress OAuth', 'mailchimp' ),
+			'generic_error'          => esc_html__( 'An error occurred. Please try again.', 'mailchimp' ),
+			'modal_title'            => esc_html__( 'Login Popup is blocked!', 'mailchimp' ),
+			'modal_button_try_again' => esc_html__( 'Try again', 'mailchimp' ),
+			'modal_button_cancel'    => esc_html__( 'No, cancel!', 'mailchimp' ),
 		)
 	);
 }
@@ -263,7 +270,7 @@ function mailchimp_sf_request_handler() {
 				}
 
 				// erase auth information
-				$options = array( 'mc_api_key', 'mc_sopresto_user', 'mc_sopresto_public_key', 'mc_sopresto_secret_key' );
+				$options = array( 'mc_api_key', 'mailchimp_sf_access_token', 'mc_datacenter', 'mc_sopresto_user', 'mc_sopresto_public_key', 'mc_sopresto_secret_key' );
 				mailchimp_sf_delete_options( $options );
 				break;
 			case 'change_form_settings':
@@ -398,6 +405,14 @@ function mailchimp_sf_auth_nonce_salt() {
  * @return MailChimp_API | false
  */
 function mailchimp_sf_get_api() {
+	// Check for the access token first.
+	$access_token = mailchimp_sf_get_access_token();
+	$data_center  = get_option( 'mc_datacenter' );
+	if ( ! empty( $access_token ) && ! empty( $data_center ) ) {
+		return new MailChimp_API( $access_token, $data_center );
+	}
+
+	// Check for the API key if the access token is not available.
 	$key = get_option( 'mc_api_key' );
 	if ( $key ) {
 		return new MailChimp_API( $key );
@@ -1410,3 +1425,16 @@ function mailchimp_sf_create_nonce( $action = -1 ) {
 
 	return substr( wp_hash( $i . '|' . $action . '|' . $uid . '|' . $token, 'nonce' ), -12, 10 );
 }
+
+/**
+ * Get Mailchimp Access Token.
+ *
+ * @since x.x.x
+ * @return string|bool
+ */
+function mailchimp_sf_get_access_token() {
+	$access_token    = get_option( 'mailchimp_sf_access_token' );
+	$data_encryption = new MailChimp_Data_Encryption();
+
+	return $data_encryption->decrypt( $access_token );
+}

views/setup_page.php

@@ -31,7 +31,7 @@
 }
 
 // If we don't have an API Key, do a login form
-if ( ! $user || ! get_option( 'mc_api_key' ) ) {
+if ( ! $user || ( ! get_option( 'mc_api_key' ) && ! mailchimp_sf_get_access_token() ) ) {
 	?>
 	<div>
 		<h3 class="mc-h2"><?php esc_html_e( 'Log In', 'mailchimp' ); ?></h3>