feat: Account URL added to Auth URLs. (#755)

* feat: Account URL added to Auth URLs.

* fix: Account URL issues resolved + Variation Attribute connections refactored.

Author: kidunot89

composer.lock

@@ -25,6 +25,7 @@ public static function get_other_nonce_values( $excluded ) {
 			[
 				'cart_url'               => woographql_setting( 'cart_url_nonce_param', '_wc_cart' ),
 				'checkout_url'           => woographql_setting( 'checkout_url_nonce_param', '_wc_checkout' ),
+				'account_url'            => woographql_setting( 'account_url_nonce_param', '_wc_account' ),
 				'add_payment_method_url' => woographql_setting( 'add_payment_method_url_nonce_param', '_wc_payment' ),
 			]
 		);
@@ -33,25 +34,36 @@ public static function get_other_nonce_values( $excluded ) {
 	}
 
 	/**
-	 * Returns General settings fields.
+	 * Returns the enabled authorizing URL fields.
 	 *
 	 * @return array
 	 */
-	public static function get_fields() {
-		$custom_endpoint                = apply_filters( 'woographql_authorizing_url_endpoint', null );
-		$enabled_authorizing_url_fields = woographql_setting( 'enable_authorizing_url_fields', [] );
-		$enabled_authorizing_url_fields = ! empty( $enabled_authorizing_url_fields ) ? array_keys( $enabled_authorizing_url_fields ) : [];
-		$all_urls_checked               = apply_filters(
+	public static function enabled_authorizing_url_fields_value() {
+		return apply_filters(
 			'woographql_enabled_authorizing_url_fields',
 			[
 				'cart_url'               => 'cart_url',
 				'checkout_url'           => 'checkout_url',
+				'account_url'            => 'account_url',
 				'add_payment_method_url' => 'add_payment_method_url',
 			]
 		);
+	}
+
+	/**
+	 * Returns General settings fields.
+	 *
+	 * @return array
+	 */
+	public static function get_fields() {
+		$custom_endpoint                = apply_filters( 'woographql_authorizing_url_endpoint', null );
+		$enabled_authorizing_url_fields = woographql_setting( 'enable_authorizing_url_fields', [] );
+		$enabled_authorizing_url_fields = ! empty( $enabled_authorizing_url_fields ) ? array_keys( $enabled_authorizing_url_fields ) : [];
+		$all_urls_checked               = self::enabled_authorizing_url_fields_value();
 
 		$cart_url_hardcoded               = defined( 'CART_URL_NONCE_PARAM' ) && ! empty( constant( 'CART_URL_NONCE_PARAM' ) );
 		$checkout_url_hardcoded           = defined( 'CHECKOUT_URL_NONCE_PARAM' ) && ! empty( constant( 'CHECKOUT_URL_NONCE_PARAM' ) );
+		$account_url_hardcoded            = defined( 'ACCOUNT_URL_NONCE_PARAM' ) && ! empty( constant( 'ACCOUNT_URL_NONCE_PARAM' ) );
 		$add_payment_method_url_hardcoded = defined( 'ADD_PAYMENT_METHOD_URL_NONCE_PARAM' ) && ! empty( constant( 'ADD_PAYMENT_METHOD_URL_NONCE_PARAM' ) );
 
 		$enable_auth_urls_hardcoded = defined( 'WPGRAPHQL_WOOCOMMERCE_ENABLE_AUTH_URLS' ) && ! empty( constant( 'ADD_PAYMENT_METHOD_URL_NONCE_PARAM' ) );
@@ -84,6 +96,7 @@ public static function get_fields() {
 					[
 						'cart_url'               => __( 'Cart URL. Field name: <strong>cartUrl</strong>', 'wp-graphql-woocommerce' ),
 						'checkout_url'           => __( 'Checkout URL. Field name: <strong>checkoutUrl</strong>', 'wp-graphql-woocommerce' ),
+						'account_url'            => __( 'Account URL. Field name: <strong>accountUrl</strong>', 'wp-graphql-woocommerce' ),
 						'add_payment_method_url' => __( 'Add Payment Method URL. Field name: <strong>addPaymentMethodUrl</strong>', 'wp-graphql-woocommerce' ),
 					]
 				),
@@ -158,6 +171,30 @@ public static function get_fields() {
 					return $value;
 				},
 			],
+			[
+				'name'              => 'account_url_nonce_param',
+				'label'             => __( 'Account URL nonce name', 'wp-graphql-woocommerce' ),
+				'desc'              => __( 'Query parameter name of the nonce included in the "accountUrl" field', 'wp-graphql-woocommerce' )
+					. ( $account_url_hardcoded ? __( ' This setting is disabled. The "ACCOUNT_URL_NONCE_PARAM" flag has been set with code', 'wp-graphql-woocommerce' ) : '' ),
+				'type'              => 'text',
+				'value'             => $account_url_hardcoded ? ACCOUNT_URL_NONCE_PARAM : woographql_setting( 'account_url_nonce_param', '_wc_account' ),
+				'disabled'          => defined( 'ACCOUNT_URL_NONCE_PARAM' ) || ! in_array( 'account_url', $enabled_authorizing_url_fields, true ),
+				'sanitize_callback' => function ( $value ) {
+					$other_nonces = self::get_other_nonce_values( 'account_url' );
+					if ( in_array( $value, $other_nonces, true ) ) {
+						add_settings_error(
+							'account_url_nonce_param',
+							'unique',
+							__( 'The <strong>Account URL nonce name</strong> field must be unique', 'wp-graphql-woocommerce' ),
+							'error'
+						);
+
+						return '_wc_account';
+					}
+
+					return $value;
+				},
+			],
 			[
 				'name'              => 'add_payment_method_url_nonce_param',
 				'label'             => __( 'Add Payment Method URL nonce name', 'wp-graphql-woocommerce' ),

includes/admin/class-general.php

@@ -57,14 +57,7 @@ public static function is_session_handler_disabled() {
 	 */
 	public static function enabled_authorizing_url_fields() {
 		if ( defined( 'WPGRAPHQL_WOOCOMMERCE_ENABLE_AUTH_URLS' ) ) {
-			return apply_filters(
-				'woographql_enabled_authorizing_url_fields',
-				[
-					'cart_url'               => 'cart_url',
-					'checkout_url'           => 'checkout_url',
-					'add_payment_method_url' => 'add_payment_method_url',
-				]
-			);
+			return \WPGraphQL\WooCommerce\Admin\General::enabled_authorizing_url_fields_value();
 		}
 		return woographql_setting( 'enable_authorizing_url_fields', [] );
 	}

includes/class-woocommerce-filters.php

@@ -25,12 +25,57 @@ class Variation_Attribute_Connection_Resolver {
 	/**
 	 * Returns data array from WC_Product_Attribute ArrayAccess object.
 	 *
-	 * @param array      $attrs      WC_Product_Attribute object.
-	 * @param string|int $parent_id  ProductVariation Relay ID.
+	 * @param array $attrs       Source Product's WC_Product_Attribute(s) object.
+	 * @param int   $product_id  Source Product ID.
+	 * @return array
+	 */
+	public static function product_attributes_to_data_array( $attrs, $product_id ) {
+		$attributes = [];
+
+		foreach ( $attrs as $attribute ) {
+			if ( ! is_a( $attribute, 'WC_Product_Attribute' ) ) {
+				continue;
+			}
+			$name = wc_attribute_label( $attribute->get_name() );
+
+			if ( $attribute->is_taxonomy() ) {
+				$attribute_taxonomy = $attribute->get_taxonomy_object();
+				$attribute_values   = wc_get_product_terms( $product_id, $attribute->get_name(), [ 'fields' => 'all' ] );
+				foreach ( $attribute_values as $attribute_value ) {
+					$id           = base64_encode( $product_id . '|' . $name . '|' . $attribute_value->name ); // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_encode
+					$attributes[] = [
+						'id'          => $id,
+						'attributeId' => $attribute_value->term_id,
+						'name'        => $name,
+						'value'       => $attribute_value->name,
+					];
+				}
+			} else {
+				$values = $attribute->get_options();
+				foreach ( $values as $attribute_value ) {
+					$id           = base64_encode( $product_id . '|' . $name . '|' . $attribute_value ); // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_encode
+					$attributes[] = [
+						'id'          => $id,
+						'attributeId' => 0,
+						'name'        => $name,
+						'value'       => $attribute_value,
+					];
+				}
+			}//end if
+		}//end foreach
+
+		return $attributes;
+	}
+
+	/**
+	 * Returns data array from WC_Product_Attribute ArrayAccess object.
+	 *
+	 * @param array      $attrs         WC_Product_Attribute object.
+	 * @param string|int $variation_id  Variable Product or Variation ID.
 	 *
 	 * @return array
 	 */
-	public static function to_data_array( $attrs = [], $parent_id = 0 ) {
+	public static function variation_attributes_to_data_array( $attrs, $variation_id ) {
 		$attributes = [];
 
 		// Bail early if explicitly '0' attributes.
@@ -43,26 +88,23 @@ public static function to_data_array( $attrs = [], $parent_id = 0 ) {
 
 			// ID create for caching only, not object retrieval.
 			// phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_encode
-			$id = base64_encode( $parent_id . '||' . $name . '||' . $value );
+			$id = base64_encode( $variation_id . '||' . $name . '||' . $value );
 
 			if ( ! $term instanceof \WP_Term ) {
 				$attributes[] = [
-
 					'id'          => $id,
 					'attributeId' => 0,
 					'name'        => $name,
 					'value'       => $value,
 				];
-
-				continue;
+			} else {
+				$attributes[] = [
+					'id'          => $id,
+					'attributeId' => $term->term_id,
+					'name'        => $term->taxonomy,
+					'value'       => $term->name,
+				];
 			}
-
-			$attributes[] = [
-				'id'          => $id,
-				'attributeId' => $term->term_id,
-				'name'        => $term->taxonomy,
-				'value'       => $term->name,
-			];
 		}//end foreach
 
 		return $attributes;
@@ -79,10 +121,13 @@ public static function to_data_array( $attrs = [], $parent_id = 0 ) {
 	 * @return array|null
 	 */
 	public function resolve( $source, array $args, AppContext $context, ResolveInfo $info ) {
-		if ( is_a( $source, Product::class ) ) {
-			$attributes = self::to_data_array( $source->default_attributes, $source->ID );
+		if ( is_a( $source, Product::class ) && 'simple' === $source->get_type() ) {
+			$attributes = self::product_attributes_to_data_array( $source->attributes, $source->ID );
 		} else {
-			$attributes = self::to_data_array( $source->attributes, $source->ID );
+			$attributes = self::variation_attributes_to_data_array(
+				is_a( $source, Product::class ) ? $source->default_attributes : $source->attributes,
+				$source->ID
+			);
 		}
 
 		$connection = Relay::connectionFromArray( $attributes, $args );

includes/data/connection/class-variation-attribute-connection-resolver.php

@@ -685,7 +685,7 @@ public static function register_cart_item() {
 										}
 									}
 
-									return Variation_Attribute_Connection_Resolver::to_data_array( $attributes, $variation->ID );
+									return Variation_Attribute_Connection_Resolver::variation_attributes_to_data_array( $attributes, $variation->ID );
 								},
 							],
 						],

includes/type/object/class-cart-type.php

@@ -438,6 +438,64 @@ public static function register_authorizing_url_fields( $fields_to_register ) {
 			);
 		}//end if
 
+		if ( in_array( 'account_url', $fields_to_register, true ) ) {
+			register_graphql_fields(
+				'Customer',
+				[
+					'accountUrl'   => [
+						'type'        => 'String',
+						'description' => __( 'A nonce link to the account page for session user. Expires in 24 hours.', 'wp-graphql-woocommerce' ),
+						'resolve'     => function( $source ) {
+							if ( ! is_user_logged_in() ) {
+								return null;
+							}
+
+							// Get current customer and user ID.
+							$customer_id     = $source->ID;
+							$current_user_id = get_current_user_id();
+
+							// Return null if current user not user being queried.
+							if ( 0 !== $current_user_id && $current_user_id !== $customer_id ) {
+								return null;
+							}
+
+							// Build nonced url as an unauthenticated user.
+							$nonce_name = woographql_setting( 'account_url_nonce_param', '_wc_account' );
+							$url        = add_query_arg(
+								[
+									'session_id' => $customer_id,
+									$nonce_name  => woographql_create_nonce( "load-account_{$customer_id}" ),
+								],
+								site_url( woographql_setting( 'authorizing_url_endpoint', 'transfer-session' ) )
+							);
+
+							return esc_url_raw( $url );
+						},
+					],
+					'accountNonce' => [
+						'type'        => 'String',
+						'description' => __( 'A nonce for the account page. By default, it expires in 1 hour.', 'wp-graphql-woocommerce' ),
+						'resolve'     => function( $source ) {
+							if ( ! is_user_logged_in() ) {
+								return null;
+							}
+
+							// Get current customer and user ID.
+							$customer_id     = $source->ID;
+							$current_user_id = get_current_user_id();
+
+							// Return null if current user not user being queried.
+							if ( 0 !== $current_user_id && $current_user_id !== $customer_id ) {
+								return null;
+							}
+
+							return woographql_create_nonce( "load-account_{$customer_id}" );
+						},
+					],
+				]
+			);
+		}//end if
+
 		if ( in_array( 'add_payment_method_url', $fields_to_register, true ) ) {
 			register_graphql_fields(
 				'Customer',
@@ -464,7 +522,7 @@ public static function register_authorizing_url_fields( $fields_to_register ) {
 							$url        = add_query_arg(
 								[
 									'session_id' => $customer_id,
-									$nonce_name  => woographql_create_nonce( "load-account_{$customer_id}" ),
+									$nonce_name  => woographql_create_nonce( "add-payment-method_{$customer_id}" ),
 								],
 								site_url( woographql_setting( 'authorizing_url_endpoint', 'transfer-session' ) )
 							);
@@ -476,6 +534,10 @@ public static function register_authorizing_url_fields( $fields_to_register ) {
 						'type'        => 'String',
 						'description' => __( 'A nonce for the add payment method page. By default, it expires in 1 hour.', 'wp-graphql-woocommerce' ),
 						'resolve'     => function( $source ) {
+							if ( ! is_user_logged_in() ) {
+								return null;
+							}
+
 							// Get current customer and user ID.
 							$customer_id     = $source->ID;
 							$current_user_id = get_current_user_id();
@@ -485,7 +547,7 @@ public static function register_authorizing_url_fields( $fields_to_register ) {
 								return null;
 							}
 
-							return woographql_create_nonce( "load-account_{$customer_id}" );
+							return woographql_create_nonce( "add-payment-method_{$customer_id}" );
 						},
 					],
 				]

includes/type/object/class-customer-type.php

@@ -222,6 +222,7 @@ public static function get_nonce_names() {
 		foreach ( array_keys( $enabled_authorizing_url_fields ) as $field ) {
 			$nonce_names[ $field ] = WooCommerce_Filters::get_authorizing_url_nonce_param_name( $field );
 		}
+
 		return array_filter( $nonce_names );
 	}
 
@@ -237,8 +238,10 @@ public function get_nonce_prefix( $field ) {
 				return 'load-cart_';
 			case 'checkout_url':
 				return 'load-checkout_';
-			case 'add_payment_method_url':
+			case 'account_url':
 				return 'load-account_';
+			case 'add_payment_method_url':
+				return 'add-payment-method_';
 			default:
 				return apply_filters( 'woographql_auth_nonce_prefix', null, $field, $this );
 		}
@@ -247,15 +250,23 @@ public function get_nonce_prefix( $field ) {
 	/**
 	 * Returns the target endpoint url for the provided field.
 	 *
+	 * @todo Add error logging here when WC Page needs to be created.
+	 *
 	 * @param string $field  Field.
 	 * @return string|null
 	 */
 	public function get_target_endpoint( $field ) {
 		switch ( $field ) {
 			case 'cart_url':
-				return wc_get_endpoint_url( 'cart' );
+				$cart_page_id  = wc_get_page_id( 'cart' );
+				$cart_page_url = get_permalink( $cart_page_id );
+				return $cart_page_url ? $cart_page_url : null;
 			case 'checkout_url':
 				return wc_get_endpoint_url( 'checkout' );
+			case 'account_url':
+				$account_page_id  = get_option( 'woocommerce_myaccount_page_id' );
+				$account_page_url = get_permalink( $account_page_id );
+				return $account_page_url ? $account_page_url : null;
 			case 'add_payment_method_url':
 				return wc_get_account_endpoint_url( 'add-payment-method' );
 			default: