woocommerce
diff --git a/‎changelog.txt
Lines changed: 7 additions & 0 deletions b/‎changelog.txt
Lines changed: 7 additions & 0 deletions
diff --git a/‎includes/admin/class-wc-rest-stripe-account-keys-controller.php
Lines changed: 1 addition & 0 deletions b/‎includes/admin/class-wc-rest-stripe-account-keys-controller.php
Lines changed: 1 addition & 0 deletions
diff --git a/‎includes/class-wc-stripe-api.php
Lines changed: 2 additions & 27 deletions b/‎includes/class-wc-stripe-api.php
Lines changed: 2 additions & 27 deletions
diff --git a/‎includes/class-wc-stripe-database-cache.php
Lines changed: 177 additions & 0 deletions b/‎includes/class-wc-stripe-database-cache.php
Lines changed: 177 additions & 0 deletions
@@ -1,5 +1,12 @@
 *** Changelog ***
 
+= 9.5.2 - 2025-05-22 =
+* Add - Implement custom database cache for persistent caching with in-memory optimization.
+* Update - Remove feature that flags 401s and proactively blocks subsequent API calls until the store has reauthenticated.
+* Fix - Disable payment settings sync when we receive unsupported payment method configurations.
+* Fix - Ensure that we use current Stripe API keys after settings updates
+* Fix - Fix initial enabled payment methods migration to the Stripe Payment Methods Configuration API
+
 = 9.5.1 - 2025-05-17 =
 * Fix - Add a fetch cooldown to the payment method configuration retrieval endpoint to prevent excessive requests.
 * Fix - Prevent further Stripe API calls if API keys are invalid (401 response).
 
@@ -272,6 +272,7 @@ public function set_account_keys( WP_REST_Request $request ) {
 		if ( $is_deleting_account ) {
 			$settings['enabled']              = 'no';
 			$settings['connection_type']      = '';
+			$settings['pmc_enabled']          = '';
 			$settings['test_connection_type'] = '';
 			$settings['refresh_token']        = '';
 			$settings['test_refresh_token']   = '';
 
@@ -16,20 +16,6 @@ class WC_Stripe_API {
 	const ENDPOINT           = 'https://api.stripe.com/v1/';
 	const STRIPE_API_VERSION = '2024-06-20';
 
-	/**
-	 * The test mode invalid API keys option key.
-	 *
-	 * @var string
-	 */
-	const TEST_MODE_INVALID_API_KEYS_OPTION_KEY = 'wc_stripe_test_invalid_api_keys_detected';
-
-	/**
-	 * The live mode invalid API keys option key.
-	 *
-	 * @var string
-	 */
-	const LIVE_MODE_INVALID_API_KEYS_OPTION_KEY = 'wc_stripe_live_invalid_api_keys_detected';
-
 	/**
 	 * Secret API Key.
 	 *
@@ -245,13 +231,6 @@ public static function request( $request, $api = 'charges', $method = 'POST', $w
 	 * @param string $api
 	 */
 	public static function retrieve( $api ) {
-		// If we have an option flag indicating that the secret key is not valid, we don't attempt the API call and we return an error.
-		$invalid_api_keys_option_key = WC_Stripe_Mode::is_test() ? self::TEST_MODE_INVALID_API_KEYS_OPTION_KEY : self::LIVE_MODE_INVALID_API_KEYS_OPTION_KEY;
-		$invalid_api_keys_detected = get_option( $invalid_api_keys_option_key );
-		if ( $invalid_api_keys_detected ) {
-			return null; // The UI expects this empty response in case of invalid API keys.
-		}
-
 		WC_Stripe_Logger::log( "{$api}" );
 
 		$response = wp_safe_remote_get(
@@ -265,12 +244,8 @@ public static function retrieve( $api ) {
 
 		// If we get a 401 error, we know the secret key is not valid.
 		if ( is_array( $response ) && isset( $response['response'] ) && is_array( $response['response'] ) && isset( $response['response']['code'] ) && 401 === $response['response']['code'] ) {
-			// We save a flag in the options to avoid making calls until the secret key gets updated.
-			update_option( $invalid_api_keys_option_key, true );
-			update_option( $invalid_api_keys_option_key . '_at', time() );
-
-			// We delete the transient for the account data to trigger the not-connected UI in the admin dashboard.
-			delete_transient( WC_Stripe_Mode::is_test() ? WC_Stripe_Account::TEST_ACCOUNT_OPTION : WC_Stripe_Account::LIVE_ACCOUNT_OPTION );
+			// Stripe redacts API keys in the response.
+			WC_Stripe_Logger::log( "Error: GET {$api} returned a 401" );
 
 			return null; // The UI expects this empty response in case of invalid API keys.
 		}
 
@@ -0,0 +1,177 @@
+<?php
+
+defined( 'ABSPATH' ) || exit; // block direct access.
+
+/**
+ * Class WC_Stripe_Database_Cache
+ */
+
+/**
+ * A class for caching data as an option in the database.
+ *
+ * Based on the WooCommerce Payments Database_Cache class implementation.
+ *
+ * @see https://github.com/Automattic/woocommerce-payments/blob/4b084af108cac9c6bd2467e52e5cdc3bc974a951/includes/class-database-cache.php
+ */
+class WC_Stripe_Database_Cache {
+
+	/**
+	 * In-memory cache for the duration of a single request.
+	 *
+	 * This is used to avoid multiple database reads for the same data and as a backstop in case the database write fails.
+	 *
+	 * @var array
+	 */
+	private static $in_memory_cache = [];
+
+	/**
+	 * Class constructor.
+	 */
+	private function __construct() {
+	}
+
+	/**
+	 * Stores a value in the cache.
+	 *
+	 * @param string $key  The key to store the value under.
+	 * @param mixed  $data The value to store.
+	 * @param int    $ttl  The TTL of the cache. Dafault 1 hour.
+	 *
+	 * @return void
+	 */
+	public static function set( $key, $data, $ttl = HOUR_IN_SECONDS ) {
+		self::write_to_cache( $key, $data, $ttl );
+	}
+
+	/**
+	 * Gets a value from the cache.
+	 *
+	 * @param string $key The key to look for.
+	 *
+	 * @return mixed|null The cache contents. NULL if the cache value is expired or missing.
+	 */
+	public static function get( $key ) {
+		$cache_contents = self::get_from_cache( $key );
+		if ( is_array( $cache_contents ) && array_key_exists( 'data', $cache_contents ) ) {
+			if ( self::is_expired( $key, $cache_contents ) ) {
+				return null;
+			}
+
+			return $cache_contents['data'];
+		}
+
+		return null;
+	}
+
+	/**
+	 * Deletes a value from the cache.
+	 *
+	 * @param string $key The key to delete.
+	 *
+	 * @return void
+	 */
+	public static function delete( $key ) {
+		// Remove from the in-memory cache.
+		unset( self::$in_memory_cache[ $key ] );
+
+		// Remove from the DB cache.
+		if ( delete_option( $key ) ) {
+			// Clear the WP object cache to ensure the new data is fetched by other processes.
+			wp_cache_delete( $key, 'options' );
+		}
+	}
+
+	/**
+	 * Wraps the data in the cache metadata and stores it.
+	 *
+	 * @param string  $key     The key to store the data under.
+	 * @param mixed   $data    The data to store.
+	 * @param int     $ttl     The TTL of the cache.
+	 *
+	 * @return void
+	 */
+	private static function write_to_cache( $key, $data, $ttl ) {
+		// Add the data and expiry time to the array we're caching.
+		$cache_contents = [
+			'data'    => $data,
+			'ttl'     => $ttl,
+			'updated' => time(),
+		];
+
+		// Write the in-memory cache.
+		self::$in_memory_cache[ $key ] = $cache_contents;
+
+		// Create or update the DB option cache.
+		// Note: Since we are adding the current time to the option value, WP will ALWAYS write the option because
+		// the cache contents value is different from the current one, even if the data is the same.
+		// A `false` result ONLY means that the DB write failed.
+		// Yes, there is the possibility that we attempt to write the same data multiple times within the SAME second,
+		// and we will mistakenly think that the DB write failed. We are OK with this false positive,
+		// since the actual data is the same.
+		//
+		// Note 2: Autoloading too many options can lead to performance problems, and we are implementing this as a
+		// general cache for the plugin, so we set the autoload to false.
+		$result = update_option( $key, $cache_contents, false );
+		if ( false !== $result ) {
+			// If the DB cache write succeeded, clear the WP object cache to ensure the new data is fetched by other processes.
+			wp_cache_delete( $key, 'options' );
+		}
+	}
+
+	/**
+	 * Get the cache contents for a certain key.
+	 *
+	 * @param string $key The cache key.
+	 *
+	 * @return array|false The cache contents (array with `data`, `ttl`, and `updated` entries).
+	 *                     False if there is no cached data.
+	 */
+	private static function get_from_cache( $key ) {
+		// Check the in-memory cache first.
+		if ( isset( self::$in_memory_cache[ $key ] ) ) {
+			return self::$in_memory_cache[ $key ];
+		}
+
+		// Read from the DB cache.
+		$data = get_option( $key );
+
+		// Store the data in the in-memory cache, including the case when there is no data cached (`false`).
+		self::$in_memory_cache[ $key ] = $data;
+
+		return $data;
+	}
+
+	/**
+	 * Checks if the cache value is expired.
+	 *
+	 * @param string $key            The cache key.
+	 * @param array  $cache_contents The cache contents.
+	 *
+	 * @return boolean True if the contents are expired. False otherwise.
+	 */
+	private static function is_expired( $key, $cache_contents ) {
+		if ( ! is_array( $cache_contents ) || ! isset( $cache_contents['updated'] ) || ! isset( $cache_contents['ttl'] ) ) {
+			// Treat bad/invalid cache contents as expired
+			return true;
+		}
+
+		// Double-check that we have integers for `updated` and `ttl`.
+		if ( ! is_int( $cache_contents['updated'] ) || ! is_int( $cache_contents['ttl'] ) ) {
+			return true;
+		}
+
+		$expires = $cache_contents['updated'] + $cache_contents['ttl'];
+		$now     = time();
+
+		return apply_filters( 'wcstripe_database_cache_is_expired', $expires < $now, $key, $cache_contents );
+	}
+
+	/**
+	 * Get all cached keys in memory.
+	 *
+	 * @return array The cached keys.
+	 */
+	public static function get_cached_keys() {
+		return array_keys( self::$in_memory_cache );
+	}
+}