Changeset 2785289

Timestamp:

09/15/2022 11:37:02 AM (3 years ago)

Author:

omise

Message:

Update to version 4.24.1 from GitHub

Location:

omise

Files:

• tags/4.24.1 (copied) (copied from omise/trunk)
• tags/4.24.1/CHANGELOG.md (modified) (1 diff)
• tags/4.24.1/includes/class-omise-capabilities.php (modified) (3 diffs)
• tags/4.24.1/omise-woocommerce.php (modified) (2 diffs)
• tags/4.24.1/readme.txt (modified) (2 diffs)
• tags/4.24.1/tests/unit/includes/class-omise-money-test.php (modified) (1 diff)
• trunk/CHANGELOG.md (modified) (1 diff)
• trunk/includes/class-omise-capabilities.php (modified) (3 diffs)
• trunk/omise-woocommerce.php (modified) (2 diffs)
• trunk/readme.txt (modified) (2 diffs)
• trunk/tests/unit/includes/class-omise-money-test.php (modified) (1 diff)

omise/tags/4.24.1/CHANGELOG.md

@@ -1 +1 @@
 # CHANGELOG
+
+### [v4.24.1 _(Sep 15, 2022)_](https://github.com/omise/omise-woocommerce/releases/tag/v4.24.1)
+- Fix the issue of user unable to set new keys when their old keys are expired. (PR [#311](https://github.com/omise/omise-woocommerce/pull/311))
 
 ### [v4.24.0 _(Sep 7, 2022)_](https://github.com/omise/omise-woocommerce/releases/tag/v4.24.0)

omise/tags/4.24.1/includes/class-omise-capabilities.php

@@ -40 +40 @@
         $secretKey = !$sKey ? $settings->secret_key() : $sKey;
 
+        $keys = self::getKeys($pKey, $sKey);
+
         // Do not call capabilities API if keys are not present
-        if(empty($publicKey) || empty($secretKey)) {
+        if(empty($keys['public']) || empty($keys['secret'])) {
             return null;
         }
 
         if(self::$instance) {
-            $keysNotChanged = self::$instance->publicKey === $publicKey && self::$instance->secretKey === $secretKey;
+            $keysNotChanged = self::$instance->publicKey === $keys['public'] && self::$instance->secretKey === $keys['secret'];
 
             // if keys are same then we return the previous instance without calling
@@ -57 +59 @@
 
         try {
-            $capabilities = OmiseCapabilities::retrieve( $publicKey , $secretKey );
+            $capabilities = OmiseCapabilities::retrieve( $keys['public'] , $keys['secret'] );
         } catch(\Exception $e) {
             // logging the error and suppressing error on the admin dashboard
@@ -66 +68 @@
         self::$instance = new self();
         self::$instance->capabilities = $capabilities;
-        self::$instance->publicKey = $publicKey;
-        self::$instance->secretKey = $secretKey;
+        self::$instance->publicKey = $keys['public'];
+        self::$instance->secretKey = $keys['secret'];
         return self::$instance;
+    }
+
+    /**
+     * @param string|null $pKey
+     * @param string|null $sKey
+    */
+    private static function getKeys($pKey = null, $sKey = null)
+    {
+        $settings = Omise_Setting::instance();
+
+        // Check if user has submitted a form
+        if ( ! empty( $_POST ) && isset($_POST['sandbox']) && isset($_POST['test_public_key']) ) {
+            return self::getUserEnteredKeys();
+        }
+
+        return [
+            'public' => !$pKey ? $settings->public_key() : $pKey,
+            'secret' => !$sKey ? $settings->secret_key() : $sKey
+        ];
+    }
+
+    /**
+     * We have many classes that calls capabilities API before the user entered keys are saved.
+     * This means they will use the old saved keys instead of new user entered keys. This will
+     * cause issues like:
+     *  - 401 unauthorized access
+     *  - Expired keys
+     *  - Others
+     *
+     * To avoid such issue we first get the user entered keys from $_POST so that other classes calls the
+     * capabilities API from the user entered keys.
+     */
+    private static function getUserEnteredKeys()
+    {
+        if (
+            ! isset( $_POST['omise_setting_page_nonce'] ) ||
+            ! wp_verify_nonce( $_POST['omise_setting_page_nonce'], 'omise-setting' )
+        ) {
+            wp_die( __( 'You are not allowed to modify the settings from a suspicious source.', 'omise' ) );
+        }
+
+        return [
+            'public' => isset( $_POST['sandbox'] ) ?
+                sanitize_text_field($_POST['test_public_key']) :
+                sanitize_text_field($_POST['live_public_key']),
+            'secret' => isset( $_POST['sandbox'] ) ?
+                sanitize_text_field($_POST['test_private_key']) :
+                sanitize_text_field($_POST['live_private_key'])
+        ];
     }
     

omise/tags/4.24.1/omise-woocommerce.php

@@ -4 +4 @@
  * Plugin URI:  https://www.omise.co/woocommerce
  * Description: Omise WooCommerce Gateway Plugin is a WordPress plugin designed specifically for WooCommerce. The plugin adds support for Omise Payment Gateway payment method to WooCommerce.
- * Version:     4.24.0
+ * Version:     4.24.1
  * Author:      Omise and contributors
  * Author URI:  https://github.com/omise/omise-woocommerce/graphs/contributors
@@ -21 +21 @@
      * @var string
      */
-    public $version = '4.24.0';
+    public $version = '4.24.1';
 
     /**

omise/tags/4.24.1/readme.txt

@@ -4 +4 @@
 Requires at least: 4.3.1
 Tested up to: 6.0.2
-Stable tag: 4.24.0
+Stable tag: 4.24.1
 License: MIT
 License URI: https://opensource.org/licenses/MIT
@@ -33 +33 @@
 
 == Changelog ==
+
+= 4.24.1 =
+
+#### 👾 Bug Fixes
+- Fix the issue of user unable to set new keys when their old keys are expired. (PR [#311](https://github.com/omise/omise-woocommerce/pull/311))
 
 = 4.24.0 =

omise/tags/4.24.1/tests/unit/includes/class-omise-money-test.php

@@ -32 +32 @@
      */
     public function convert_amount_with_4_decimal_points() {
-        $amount   = 4780.0409;
-        $currency = 'thb';
-
-        $this->assertEquals( 478004.09, Omise_Money::to_subunit( $amount, $currency ) );
+        $amount   = 4780.0405;
+        $currency = 'thb';
+
+        $this->assertEquals(478004.05, Omise_Money::to_subunit( $amount, $currency ));
     }
 

omise/trunk/CHANGELOG.md

@@ -1 +1 @@
 # CHANGELOG
+
+### [v4.24.1 _(Sep 15, 2022)_](https://github.com/omise/omise-woocommerce/releases/tag/v4.24.1)
+- Fix the issue of user unable to set new keys when their old keys are expired. (PR [#311](https://github.com/omise/omise-woocommerce/pull/311))
 
 ### [v4.24.0 _(Sep 7, 2022)_](https://github.com/omise/omise-woocommerce/releases/tag/v4.24.0)

omise/trunk/includes/class-omise-capabilities.php

@@ -40 +40 @@
         $secretKey = !$sKey ? $settings->secret_key() : $sKey;
 
+        $keys = self::getKeys($pKey, $sKey);
+
         // Do not call capabilities API if keys are not present
-        if(empty($publicKey) || empty($secretKey)) {
+        if(empty($keys['public']) || empty($keys['secret'])) {
             return null;
         }
 
         if(self::$instance) {
-            $keysNotChanged = self::$instance->publicKey === $publicKey && self::$instance->secretKey === $secretKey;
+            $keysNotChanged = self::$instance->publicKey === $keys['public'] && self::$instance->secretKey === $keys['secret'];
 
             // if keys are same then we return the previous instance without calling
@@ -57 +59 @@
 
         try {
-            $capabilities = OmiseCapabilities::retrieve( $publicKey , $secretKey );
+            $capabilities = OmiseCapabilities::retrieve( $keys['public'] , $keys['secret'] );
         } catch(\Exception $e) {
             // logging the error and suppressing error on the admin dashboard
@@ -66 +68 @@
         self::$instance = new self();
         self::$instance->capabilities = $capabilities;
-        self::$instance->publicKey = $publicKey;
-        self::$instance->secretKey = $secretKey;
+        self::$instance->publicKey = $keys['public'];
+        self::$instance->secretKey = $keys['secret'];
         return self::$instance;
+    }
+
+    /**
+     * @param string|null $pKey
+     * @param string|null $sKey
+    */
+    private static function getKeys($pKey = null, $sKey = null)
+    {
+        $settings = Omise_Setting::instance();
+
+        // Check if user has submitted a form
+        if ( ! empty( $_POST ) && isset($_POST['sandbox']) && isset($_POST['test_public_key']) ) {
+            return self::getUserEnteredKeys();
+        }
+
+        return [
+            'public' => !$pKey ? $settings->public_key() : $pKey,
+            'secret' => !$sKey ? $settings->secret_key() : $sKey
+        ];
+    }
+
+    /**
+     * We have many classes that calls capabilities API before the user entered keys are saved.
+     * This means they will use the old saved keys instead of new user entered keys. This will
+     * cause issues like:
+     *  - 401 unauthorized access
+     *  - Expired keys
+     *  - Others
+     *
+     * To avoid such issue we first get the user entered keys from $_POST so that other classes calls the
+     * capabilities API from the user entered keys.
+     */
+    private static function getUserEnteredKeys()
+    {
+        if (
+            ! isset( $_POST['omise_setting_page_nonce'] ) ||
+            ! wp_verify_nonce( $_POST['omise_setting_page_nonce'], 'omise-setting' )
+        ) {
+            wp_die( __( 'You are not allowed to modify the settings from a suspicious source.', 'omise' ) );
+        }
+
+        return [
+            'public' => isset( $_POST['sandbox'] ) ?
+                sanitize_text_field($_POST['test_public_key']) :
+                sanitize_text_field($_POST['live_public_key']),
+            'secret' => isset( $_POST['sandbox'] ) ?
+                sanitize_text_field($_POST['test_private_key']) :
+                sanitize_text_field($_POST['live_private_key'])
+        ];
     }
     

omise/trunk/omise-woocommerce.php

@@ -4 +4 @@
  * Plugin URI:  https://www.omise.co/woocommerce
  * Description: Omise WooCommerce Gateway Plugin is a WordPress plugin designed specifically for WooCommerce. The plugin adds support for Omise Payment Gateway payment method to WooCommerce.
- * Version:     4.24.0
+ * Version:     4.24.1
  * Author:      Omise and contributors
  * Author URI:  https://github.com/omise/omise-woocommerce/graphs/contributors
@@ -21 +21 @@
      * @var string
      */
-    public $version = '4.24.0';
+    public $version = '4.24.1';
 
     /**

omise/trunk/readme.txt

@@ -4 +4 @@
 Requires at least: 4.3.1
 Tested up to: 6.0.2
-Stable tag: 4.24.0
+Stable tag: 4.24.1
 License: MIT
 License URI: https://opensource.org/licenses/MIT
@@ -33 +33 @@
 
 == Changelog ==
+
+= 4.24.1 =
+
+#### 👾 Bug Fixes
+- Fix the issue of user unable to set new keys when their old keys are expired. (PR [#311](https://github.com/omise/omise-woocommerce/pull/311))
 
 = 4.24.0 =

omise/trunk/tests/unit/includes/class-omise-money-test.php

@@ -32 +32 @@
      */
     public function convert_amount_with_4_decimal_points() {
-        $amount   = 4780.0409;
-        $currency = 'thb';
-
-        $this->assertEquals( 478004.09, Omise_Money::to_subunit( $amount, $currency ) );
+        $amount   = 4780.0405;
+        $currency = 'thb';
+
+        $this->assertEquals(478004.05, Omise_Money::to_subunit( $amount, $currency ));
     }