
Commit b69e650

committed
Add verify access token logic.
1 parent 0c98dbb commit b69e650


1 file changed

+62
-12
lines changed


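--- a/includes/mailchimp-admin.php
+++ b/includes/class-mailchimp-admin.php
@@ -1,18 +1,26 @@
 <?php
 /**
-* Admin functions for Mailchimp
+* Class responsible for Admin side functionalities.
 *
 * @package Mailchimp
 */
 
+// Exit if accessed directly.
+if ( ! defined( 'ABSPATH' ) ) {
+exit;
+}
+
 /**
-* Admin functions for Mailchimp
+* Class MailChimp_Admin
+*
+* @since x.x.x
 */
 class MailChimp_Admin {
 
 /**
 * The OAuth base endpoint
 *
+* @since x.x.x
 * @var string
 */
 private $oauth_url = 'https://woocommerce.mailchimpapp.com';
@@ -59,7 +67,7 @@ public function start_oauth_process() {
 
 // Check for errors.
 if ( $response instanceof WP_Error ) {
-wp_send_json_error( $response );
+wp_send_json_error( array( 'message' => $response->get_error_message() ) );
 }
 
 // Send the response to the front-end.
@@ -107,21 +115,26 @@ public function finish_oauth_process() {
 
 // Check for errors.
 if ( $response instanceof WP_Error ) {
-wp_send_json_error( $response );
+wp_send_json_error( array( 'message' => $response->get_error_message() ) );
 }
 
 if ( 200 === $response['response']['code'] ) {
-delete_option( 'mc_api_key' );
-delete_option( 'mailchimp_sf_access_token' );
-delete_option( 'mailchimp_sf_data_center' );
-
-delete_site_transient( 'mailchimp_sf_oauth_secret' );
-
 // Save the access token and data center.
 $result = json_decode( $response['body'], true );
 if ( $result && ! empty( $result['access_token'] ) && ! empty( $result['data_center'] ) ) {
-update_option( 'mailchimp_sf_data_center', $result['data_center'] );
-update_option( 'mailchimp_sf_access_token', $result['access_token'] );
+// Clean up the old data.
+delete_option( 'mailchimp_sf_access_token' );
+delete_option( 'mailchimp_sf_data_center' );
+
+delete_site_transient( 'mailchimp_sf_oauth_secret' );
+
+// Verify the token.
+$verify = $this->verify_and_save_oauth_token( $result['access_token'], $result['data_center'] );
+
+if ( is_wp_error( $verify ) ) {
+// If there is an error, send it back to the front-end.
+wp_send_json_error( array( 'message' => $verify->get_error_message() ) );
+}
 
 wp_send_json_success( true );
 } else {
@@ -131,4 +144,41 @@ public function finish_oauth_process() {
 wp_send_json_error( $response );
 }
 }
+
+/**
+* Verify and save the OAuth token.
+*
+* @param string $access_token The token to verify.
+* @param string $data_center The data center to verify.
+* @return mixed
+*/
+public function verify_and_save_oauth_token( $access_token, $data_center ) {
+try {
+$api = new MailChimp_API( $access_token, $data_center );
+} catch ( Exception $e ) {
+$msg = $e->getMessage();
+return new WP_Error( 'mailchimp-sf-invalid-token', $msg );
+}
+
+$user = $api->get( '' );
+if ( is_wp_error( $user ) ) {
+return $user;
+}
+
+// Might as well set this data if we have it already.
+$valid_roles = array( 'owner', 'admin', 'manager' );
+if ( isset( $user['role'] ) && in_array( $user['role'], $valid_roles, true ) ) {
+$data_encryption = new MailChimp_Data_Encryption();
+$access_token = $data_encryption->encrypt( $access_token );
+
+update_option( 'mailchimp_sf_access_token', $access_token );
+update_option( 'mailchimp_sf_data_center', $data_center );
+update_option( 'mc_user', $user );
+return true;
+
+} else {
+$msg = esc_html__( 'API Key must belong to "Owner", "Admin", or "Manager."', 'mailchimp' );
+return new WP_Error( 'mailchimp-sf-invalid-role', $msg );
+}
+}
 }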
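Review bot: In the finish_oauth_process() hunk the stored credentials are wiped by `delete_option( 'mailchimp_sf_access_token' )` and `delete_option( 'mailchimp_sf_data_center' )` before verify_and_save_oauth_token() has confirmed the new token, so a failed verification (constructor exception, API error, or a role outside owner/admin/manager) leaves the site with no stored token even when the previous one was still working. Since the success path already overwrites both options with update_option(), those two deletes can be dropped and only `delete_site_transient( 'mailchimp_sf_oauth_secret' );` kept, or the cleanup moved after the `if ( is_wp_error( $verify ) )` check. The new method's docblock says `@return mixed` while the body only ever returns `true` or a WP_Error; `@return true|WP_Error` would let callers and static analysis rely on the is_wp_error() contract. The `else` branch in the last hunk still calls `wp_send_json_error( $response )` with the whole HTTP response array, which is inconsistent with the message-only error shape this commit introduces for the WP_Error cases and sends the raw response body and headers to the browser. finish_oauth_process() starts and continues outside the shown hunks, so I cannot tell whether dropping the old `delete_option( 'mc_api_key' )` call is intentional; if that option is still written elsewhere it should be noted in the commit.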
