From b42e9436ae88ed159b645b65f07cfdd4cccc8320 Mon Sep 17 00:00:00 2001
From: Emili Castells Guasch
Date: Tue, 6 Aug 2024 15:30:50 +0200
Subject: [PATCH] Add id token cache key for each user
---
 modules/ppcp-api-client/src/ApiModule.php | 10 ++-----
 .../src/Authentication/SdkClientToken.php | 30 +++----------------
 .../src/Authentication/UserIdToken.php | 16 ++--------
 modules/ppcp-axo/src/AxoModule.php | 10 +------
 .../js/modules/Helper/ScriptLoading.js | 5 +++-
 .../src/Endpoint/LoginSellerEndpoint.php | 3 --
 .../src/Settings/SettingsListener.php | 3 --
 7 files changed, 15 insertions(+), 62 deletions(-)
diff --git a/modules/ppcp-api-client/src/ApiModule.php b/modules/ppcp-api-client/src/ApiModule.php
index 5c3ec56bd..2d63bd80f 100644
--- a/modules/ppcp-api-client/src/ApiModule.php
+++ b/modules/ppcp-api-client/src/ApiModule.php
@@ -10,7 +10,6 @@ declare(strict_types=1);
 namespace WooCommerce\PayPalCommerce\ApiClient;
 use WC_Order;
-use WooCommerce\PayPalCommerce\ApiClient\Authentication\SdkClientToken;
 use WooCommerce\PayPalCommerce\ApiClient\Authentication\UserIdToken;
 use WooCommerce\PayPalCommerce\ApiClient\Helper\Cache;
 use WooCommerce\PayPalCommerce\ApiClient\Helper\FailureRegistry;
@@ -100,15 +99,12 @@ class ApiModule implements ModuleInterface {
 add_action(
 'wp_logout',
- function() use ( $c ) {
+ function( int $user_id ) use ( $c ) {
 $client_credentials_cache = $c->get( 'api.client-credentials-cache' );
 assert( $client_credentials_cache instanceof Cache );
- if ( $client_credentials_cache->has( UserIdToken::CACHE_KEY ) ) {
- $client_credentials_cache->delete( UserIdToken::CACHE_KEY );
- }
- if ( $client_credentials_cache->has( SdkClientToken::CACHE_KEY ) ) {
- $client_credentials_cache->delete( SdkClientToken::CACHE_KEY );
+ if ( $client_credentials_cache->has( UserIdToken::CACHE_KEY . '-' . (string) $user_id ) ) {
+ $client_credentials_cache->delete( UserIdToken::CACHE_KEY . '-' . (string) $user_id );
 }
 }
 );
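Review bot: After this change the `wp_logout` closure in ApiModule.php is the only place in the patch that deletes the per-user `UserIdToken::CACHE_KEY . '-' . $user_id` entries, because the LoginSellerEndpoint.php and SettingsListener.php hunks drop their `UserIdToken::CACHE_KEY` deletion and the un-suffixed key is no longer written. Id tokens minted under the previous merchant credentials would therefore stay cached for every user who has not logged out, for as long as the cache keeps them (the entry lifetime is not visible here). Consider a key component that changes with the credentials, or at least document the limitation above the callback: `// Removes only this user's id token; other users' entries persist until they expire.` Separately, the `$user_id` argument of `wp_logout` exists only since WordPress 5.5, so `int $user_id` would raise a TypeError on older cores if the plugin still supports them.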
diff --git a/modules/ppcp-api-client/src/Authentication/SdkClientToken.php b/modules/ppcp-api-client/src/Authentication/SdkClientToken.php
index 85a447176..6236869e2 100644
--- a/modules/ppcp-api-client/src/Authentication/SdkClientToken.php
+++ b/modules/ppcp-api-client/src/Authentication/SdkClientToken.php
@@ -72,23 +72,16 @@ class SdkClientToken {
 }
 /**
- * Returns `sdk_client_token` which uniquely identifies the payer.
- *
- * @param string $target_customer_id Vaulted customer id.
+ * Returns the client token for SDK `data-sdk-client-token`.
 *
 * @return string
 *
 * @throws PayPalApiException If the request fails.
 * @throws RuntimeException If something unexpected happens.
 */
- public function sdk_client_token( string $target_customer_id = '' ): string {
+ public function sdk_client_token(): string {
 if ( $this->cache->has( self::CACHE_KEY ) ) {
- $user_id = $this->cache->get( self::CACHE_KEY )['user_id'] ?? 0;
- $access_token = $this->cache->get( self::CACHE_KEY )['access_token'] ?? '';
-
- if ( $user_id === get_current_user_id() && $access_token ) {
- return $access_token;
- }
+ $this->cache->get( self::CACHE_KEY );
 }
 // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
@@ -97,15 +90,6 @@ class SdkClientToken {
 $url = trailingslashit( $this->host ) . 'v1/oauth2/token?grant_type=client_credentials&response_type=client_token&intent=sdk_init&domains[]=' . $domain;
- if ( $target_customer_id ) {
- $url = add_query_arg(
- array(
- 'target_customer_id' => $target_customer_id,
- ),
- $url
- );
- }
-
 $args = array(
 'method' => 'POST',
 'headers' => array(
@@ -126,13 +110,7 @@ class SdkClientToken {
 }
 $access_token = $json->access_token;
-
- $data = array(
- 'access_token' => $access_token,
- 'user_id' => get_current_user_id(),
- );
-
- $this->cache->set( self::CACHE_KEY, $data );
+ $this->cache->set( self::CACHE_KEY, $access_token );
 return $access_token;
 }
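Review bot: The cached branch of `sdk_client_token()` in the first SdkClientToken.php hunk now calls `$this->cache->get( self::CACHE_KEY );` and discards the result, so the method always falls through and requests a new client token; the `return` was lost together with the removed user check. Entries written by the previous version under the same key are arrays (`access_token`, `user_id`), so a bare `return` would violate the `string` return type for them. Suggested: `$cached = $this->cache->get( self::CACHE_KEY );` followed by `if ( is_string( $cached ) && '' !== $cached ) { return $cached; }`. The method body continues past this hunk.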
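Review bot: In the third SdkClientToken.php hunk, `$this->cache->set( self::CACHE_KEY, $access_token )` stores one token for the whole site, while the request URL earlier in the method scopes the token with `domains[]=' . $domain`. How `$domain` is derived is outside the visible hunks, but the `phpcs:ignore ... InputNotSanitized` line just above it suggests request data; if so, a token issued for one host name would be served to requests on another once the cached value is actually returned. Since LoginSellerEndpoint.php and SettingsListener.php delete the plain `SdkClientToken::CACHE_KEY`, keeping the key and deriving the domain from configuration instead, e.g. `$domain = wp_parse_url( home_url(), PHP_URL_HOST );`, looks safer than adding the domain to the key.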
diff --git a/modules/ppcp-api-client/src/Authentication/UserIdToken.php b/modules/ppcp-api-client/src/Authentication/UserIdToken.php
index c60801dd5..3c215a11f 100644
--- a/modules/ppcp-api-client/src/Authentication/UserIdToken.php
+++ b/modules/ppcp-api-client/src/Authentication/UserIdToken.php
@@ -82,13 +82,8 @@ class UserIdToken {
 * @throws RuntimeException If something unexpected happens.
 */
 public function id_token( string $target_customer_id = '' ): string {
- if ( $this->cache->has( self::CACHE_KEY ) ) {
- $user_id = $this->cache->get( self::CACHE_KEY )['user_id'] ?? 0;
- $id_token = $this->cache->get( self::CACHE_KEY )['id_token'] ?? '';
-
- if ( $user_id === get_current_user_id() && $id_token ) {
- return $id_token;
- }
+ if ( $this->cache->has( self::CACHE_KEY . '-' . (string) get_current_user_id() ) ) {
+ return $this->cache->get( self::CACHE_KEY . '-' . (string) get_current_user_id() );
 }
 $url = trailingslashit( $this->host ) . 'v1/oauth2/token?grant_type=client_credentials&response_type=id_token';
@@ -122,12 +117,7 @@ class UserIdToken {
 $id_token = $json->id_token;
- $data = array(
- 'id_token' => $id_token,
- 'user_id' => get_current_user_id(),
- );
-
- $this->cache->set( self::CACHE_KEY, $data );
+ $this->cache->set( self::CACHE_KEY . '-' . (string) get_current_user_id(), $id_token );
 return $id_token;
 }
diff --git a/modules/ppcp-axo/src/AxoModule.php b/modules/ppcp-axo/src/AxoModule.php
index 3505ff555..c0fc34b24 100644
--- a/modules/ppcp-axo/src/AxoModule.php
+++ b/modules/ppcp-axo/src/AxoModule.php
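Review bot: The new cache key in `UserIdToken::id_token()`, `self::CACHE_KEY . '-' . (string) get_current_user_id()`, identifies the WordPress user but not the `$target_customer_id` the token is requested for, and all logged-out visitors share the `-0` entry. Callers are not visible in this patch, so this is hedged, but a token minted for one customer id (or for none) would be returned for a later call with a different id until the entry expires or the user logs out. Storing the customer id next to the token and comparing it on read keeps the per-user key that the `wp_logout` handler deletes. The same key expression is rebuilt in the `set` call of the second UserIdToken.php hunk and should come from one local variable; the method body lies partly outside both hunks.

```php
public function id_token( string $target_customer_id = '' ): string {
	$cache_key = self::CACHE_KEY . '-' . (string) get_current_user_id();
	$cached    = $this->cache->has( $cache_key ) ? $this->cache->get( $cache_key ) : null;
	if (
		is_array( $cached )
		&& ( $cached['target_customer_id'] ?? null ) === $target_customer_id
		&& is_string( $cached['id_token'] ?? null )
		&& '' !== $cached['id_token']
	) {
		return $cached['id_token'];
	}

	// … unchanged: token request and response handling …

	$this->cache->set(
		$cache_key,
		array(
			'id_token'           => $id_token,
			'target_customer_id' => $target_customer_id,
		)
	);
```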
@@ -280,15 +280,7 @@ class AxoModule implements ModuleInterface {
 array $localized_script_data
 ): array {
 try {
- $target_customer_id = '';
- if ( is_user_logged_in() ) {
- $target_customer_id = get_user_meta( get_current_user_id(), '_ppcp_target_customer_id', true );
- if ( ! $target_customer_id ) {
- $target_customer_id = get_user_meta( get_current_user_id(), 'ppcp_customer_id', true );
- }
- }
-
- $sdk_client_token = $api->sdk_client_token( $target_customer_id );
+ $sdk_client_token = $api->sdk_client_token();
 $localized_script_data['axo'] = array(
 'sdk_client_token' => $sdk_client_token,
 );
diff --git a/modules/ppcp-button/resources/js/modules/Helper/ScriptLoading.js b/modules/ppcp-button/resources/js/modules/Helper/ScriptLoading.js
index 0aa70f793..588e14cd6 100644
--- a/modules/ppcp-button/resources/js/modules/Helper/ScriptLoading.js
+++ b/modules/ppcp-button/resources/js/modules/Helper/ScriptLoading.js
@@ -71,7 +71,10 @@ export const loadPaypalScript = ( config, onLoaded, onError = null ) => {
 }
 // Load PayPal script for special case with data-client-token
- if ( config.data_client_id?.set_attribute ) {
+ if (
+ config.data_client_id?.set_attribute &&
+ config.vault_v3_enabled !== '1'
+ ) {
 dataClientIdAttributeHandler(
 scriptOptions,
 config.data_client_id,
diff --git a/modules/ppcp-onboarding/src/Endpoint/LoginSellerEndpoint.php b/modules/ppcp-onboarding/src/Endpoint/LoginSellerEndpoint.php
index 2a30ad6b1..e1d23234f 100644
--- a/modules/ppcp-onboarding/src/Endpoint/LoginSellerEndpoint.php
+++ b/modules/ppcp-onboarding/src/Endpoint/LoginSellerEndpoint.php
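Review bot: In the ScriptLoading.js hunk, the added `config.vault_v3_enabled !== '1'` matches only the string `'1'`, so a boolean `true` or numeric `1` in the localized config would not match and the `data-client-token` handler would still run with vault v3 enabled. The code that produces `config` is not part of this patch, so the emitted type should be confirmed, or the check made tolerant, e.g. `! [ '1', 1, true ].includes( config.vault_v3_enabled )`. The existing comment above the condition also does not mention the vault v3 exclusion and should say why that case skips the handler; `loadPaypalScript` continues outside the hunk.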
@@ -187,9 +187,6 @@ class LoginSellerEndpoint implements EndpointInterface {
 if ( $this->cache->has( PayPalBearer::CACHE_KEY ) ) {
 $this->cache->delete( PayPalBearer::CACHE_KEY );
 }
- if ( $this->client_credentials_cache->has( UserIdToken::CACHE_KEY ) ) {
- $this->client_credentials_cache->delete( UserIdToken::CACHE_KEY );
- }
 if ( $this->client_credentials_cache->has( SdkClientToken::CACHE_KEY ) ) {
 $this->client_credentials_cache->delete( SdkClientToken::CACHE_KEY );
 }
diff --git a/modules/ppcp-wc-gateway/src/Settings/SettingsListener.php b/modules/ppcp-wc-gateway/src/Settings/SettingsListener.php
index e7e39a9e6..6c01830d6 100644
--- a/modules/ppcp-wc-gateway/src/Settings/SettingsListener.php
+++ b/modules/ppcp-wc-gateway/src/Settings/SettingsListener.php
@@ -502,9 +502,6 @@ class SettingsListener {
 if ( $this->cache->has( PayPalBearer::CACHE_KEY ) ) {
 $this->cache->delete( PayPalBearer::CACHE_KEY );
 }
- if ( $this->client_credentials_cache->has( UserIdToken::CACHE_KEY ) ) {
- $this->client_credentials_cache->delete( UserIdToken::CACHE_KEY );
- }
 if ( $this->client_credentials_cache->has( SdkClientToken::CACHE_KEY ) ) {
 $this->client_credentials_cache->delete( SdkClientToken::CACHE_KEY );
 }