Prevent Stripe API calls after detecting the API keys are not valid (401 response from API) #4323
Conversation
There was a problem hiding this comment.
I think this is the general approach should work well, with a concern about triggering the code after one 401 response.
More broadly, I think we also need to clear the transient when we save/update the Stripe keys, which feels like it ought to occur in WC_Stripe_Connect->save_stripe_keys() and whatever code we use to disconnect/clear keys.
Co-authored-by: daledupreez <[email protected]>
…e save similar data for onboarding and webhooks stats
diegocurbelo
requested review from
a team and
annemirasol
and removed request for
a team
| @@ -133,11 +133,11 @@ const AccountDetails = () => { | |||
| { createInterpolateElement( | |||
| isTestModeEnabled | |||
| ? __( | |||
| "Seems like the test API keys we've saved for you are no longer valid. If you recently updated them, use the <strong>Configure Connection</strong> button below to reconnect.", | |||
| "We couldn't connect to your account, it seems like the test API keys we've saved for you are no longer valid. Please use the <strong>Configure connection</strong> button below to reconnect.", | |||
There was a problem hiding this comment.
Not urgent in this case. But, will this break internationalization of this string in the patch release?
There was a problem hiding this comment.
That said, I think the trade-off for correctly communicating the status is probably worth it.
There was a problem hiding this comment.
Correct, new strings need to be translated in the community translations site: https://translate.wordpress.org/projects/wp-plugins/woocommerce-gateway-stripe/
| @@ -133,11 +133,11 @@ const AccountDetails = () => { | |||
| { createInterpolateElement( | |||
| isTestModeEnabled | |||
| ? __( | |||
| "Seems like the test API keys we've saved for you are no longer valid. If you recently updated them, use the <strong>Configure Connection</strong> button below to reconnect.", | |||
| "We couldn't connect to your account, it seems like the test API keys we've saved for you are no longer valid. Please use the <strong>Configure connection</strong> button below to reconnect.", | |||
Co-authored-by: daledupreez <[email protected]>
| @@ -242,6 +263,18 @@ public static function retrieve( $api ) { | |||
| ] | |||
| ); | |||
|
|
|||
| // If we get a 401 error, we know the secret key is not valid. | |||
There was a problem hiding this comment.
Maybe we could consider later changing this to check for anything different from 200, to cover more possible issues.
There was a problem hiding this comment.
My proposed changes in #4327 take that approach when looking at responses. 😁
…401 response from API) (#4323) * Add transient to prevent api calls after getting a 401 response * Update includes/class-wc-stripe-api.php Co-authored-by: daledupreez <[email protected]> * Update error response to empty json * Remove invalid transient when saving new keys * Refactored to use get_option/update_option for concistency with how we save similar data for onboarding and webhooks stats * Update code comments * Update account not connected notification message * Show account as disconnected if the account data is not valid * Refactor 401 response to be null (needed for the Configure connection modal) * Clear account cache after detecting a 401 response * Add tests * Simplify option keys in test * Fix success response mock * Add changelo entry * Apply suggestions from code review Co-authored-by: daledupreez <[email protected]> --------- Co-authored-by: daledupreez <[email protected]>
Fixes #4270
Relates to STRIPE-445
Changes proposed in this Pull Request:
This PR implements a mechanism to prevent unnecessary Stripe API calls when the API keys are invalid (401 response).
This helps reduce unnecessary API calls and improves error notices/UI for merchants with invalid API credentials:
Testing instructions
WP-Admin > WooCommerce > Settings > Payments, and select theStripeoption from the listSettingstab and make sure the account is correctly connected:wp option patch update woocommerce_stripe_settings test_secret_key 'sk_test_INVALID'WP-Admindashboard and check that Stripe notice is shwon:WP-Admin > WooCommerce > Settings > Payments, and select theStripeoption from the listSettingstab and make sure the account status has the connection error message:Configure connectionand make sure the Account status isDisconnectedCreate or connect a test accountbutton, a re-connect your accountChangelog entry
Changelog Entry Comment
Comment
Post merge