From 978914ceb7034b52e20f823da48b1d8afb703114 Mon Sep 17 00:00:00 2001 From: Tim Carr Date: Fri, 13 Feb 2026 11:05:29 +0800 Subject: [PATCH 1/2] Member Content: REST API: Improvements --- resources/frontend/js/restrict-content.js | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/resources/frontend/js/restrict-content.js b/resources/frontend/js/restrict-content.js index 48dd67290..9ec1442e7 100644 --- a/resources/frontend/js/restrict-content.js +++ b/resources/frontend/js/restrict-content.js @@ -150,10 +150,10 @@ function convertKitRestrictContentSubscriberAuthenticationSendCode( fetch(convertkit_restrict_content.subscriber_authentication_url, { method: 'POST', headers: { - 'Content-Type': 'application/x-www-form-urlencoded', + 'Content-Type': 'application/json', 'X-WP-Nonce': nonce, }, - body: new URLSearchParams({ + body: JSON.stringify({ convertkit_email: email, convertkit_resource_type: resource_type, convertkit_resource_id: resource_id, @@ -223,10 +223,10 @@ function convertKitRestrictContentSubscriberVerification( fetch(convertkit_restrict_content.subscriber_verification_url, { method: 'POST', headers: { - 'Content-Type': 'application/x-www-form-urlencoded', + 'Content-Type': 'application/json', 'X-WP-Nonce': nonce, }, - body: new URLSearchParams({ + body: JSON.stringify({ subscriber_code, token, convertkit_post_id: post_id, From 6af7a3669e5a158af1e761a4cc26d186bacb056b Mon Sep 17 00:00:00 2001 From: Tim Carr Date: Fri, 13 Feb 2026 11:07:24 +0800 Subject: [PATCH 2/2] Move tests to own test class --- .../RESTAPIRestrictContentTest.php | 309 ++++++++++++++++++ tests/Integration/RESTAPITest.php | 216 ------------ 2 files changed, 309 insertions(+), 216 deletions(-) create mode 100644 tests/Integration/RESTAPIRestrictContentTest.php diff --git a/tests/Integration/RESTAPIRestrictContentTest.php b/tests/Integration/RESTAPIRestrictContentTest.php new file mode 100644 index 000000000..02cd7e5eb --- /dev/null +++ b/tests/Integration/RESTAPIRestrictContentTest.php @@ -0,0 +1,309 @@ +settings = new \ConvertKit_Settings(); + $this->settings->save( + array( + 'access_token' => $_ENV['CONVERTKIT_OAUTH_ACCESS_TOKEN'], + 'refresh_token' => $_ENV['CONVERTKIT_OAUTH_REFRESH_TOKEN'], + 'token_expires' => ( time() + 10000 ), + ) + ); + } + + /** + * Performs actions after each test. + * + * @since 3.1.9 + */ + public function tearDown(): void + { + // Delete Credentials from Plugin's settings. + $this->settings->delete_credentials(); + parent::tearDown(); + } + + /** + * Test that the /wp-json/kit/v1/restrict-content/subscriber-authentication REST API route when + * requesting the subscriber authentication email to be sent for a given Form ID and subscriber + * + * @since 3.1.0 + */ + public function testRestrictContentSubscriberAuthenticationForm() + { + // Create a Post. + $post_id = static::factory()->post->create( [ 'post_title' => 'Test Post' ] ); + + // Build request. + $request = new \WP_REST_Request( 'POST', '/kit/v1/restrict-content/subscriber-authentication' ); + $request->set_header( 'Content-Type', 'application/x-www-form-urlencoded' ); + $request->set_body_params( + [ + 'convertkit_email' => $_ENV['CONVERTKIT_API_SUBSCRIBER_EMAIL'], + 'convertkit_resource_type' => 'form', + 'convertkit_resource_id' => $_ENV['CONVERTKIT_API_FORM_ID'], + 'convertkit_post_id' => $post_id, + ] + ); + + // Send request. + $response = rest_get_server()->dispatch( $request ); + + // Assert response is successful. + $this->assertSame( 200, $response->get_status() ); + + // Assert response data has the expected keys and data. + $data = $response->get_data(); + $this->assertIsArray( $data ); + $this->assertTrue( $data['success'] ); + $this->assertArrayHasKey( 'data', $data ); + } + + /** + * Test that the /wp-json/kit/v1/restrict-content/subscriber-authentication REST API route when + * requesting the subscriber authentication email to be sent for a given Form ID and an invalid subscriber email is given + * + * @since 3.1.0 + */ + public function testRestrictContentSubscriberAuthenticationFormInvalidEmail() + { + // Create a Post. + $post_id = static::factory()->post->create( [ 'post_title' => 'Test Post' ] ); + + // Build request. + $request = new \WP_REST_Request( 'POST', '/kit/v1/restrict-content/subscriber-authentication' ); + $request->set_header( 'Content-Type', 'application/x-www-form-urlencoded' ); + $request->set_body_params( + [ + 'convertkit_email' => 'fail@kit.com', + 'convertkit_resource_type' => 'form', + 'convertkit_resource_id' => $_ENV['CONVERTKIT_API_FORM_ID'], + 'convertkit_post_id' => $post_id, + ] + ); + + // Send request. + $response = rest_get_server()->dispatch( $request ); + + // Assert response is successful. + $this->assertSame( 200, $response->get_status() ); + + // Assert response data has the expected keys and data. + $data = $response->get_data(); + $this->assertIsArray( $data ); + $this->assertFalse( $data['success'] ); + $this->assertArrayHasKey( 'data', $data ); + } + + /** + * Test that the /wp-json/kit/v1/restrict-content/subscriber-authentication REST API route when + * requesting the subscriber authentication email to be sent for a given Tag ID and subscriber + * + * @since 3.1.0 + */ + public function testRestrictContentSubscriberAuthenticationTag() + { + // Create a Post. + $post_id = static::factory()->post->create( [ 'post_title' => 'Test Post' ] ); + + // Build request. + $request = new \WP_REST_Request( 'POST', '/kit/v1/restrict-content/subscriber-authentication' ); + $request->set_header( 'Content-Type', 'application/x-www-form-urlencoded' ); + $request->set_body_params( + [ + 'convertkit_email' => $_ENV['CONVERTKIT_API_SUBSCRIBER_EMAIL'], + 'convertkit_resource_type' => 'tag', + 'convertkit_resource_id' => $_ENV['CONVERTKIT_API_TAG_ID'], + 'convertkit_post_id' => $post_id, + ] + ); + + // Send request. + $response = rest_get_server()->dispatch( $request ); + + // Assert response is successful. + $this->assertSame( 200, $response->get_status() ); + + // Assert response data has the expected keys and data. + $data = $response->get_data(); + $this->assertIsArray( $data ); + $this->assertTrue( $data['success'] ); + $this->assertArrayHasKey( 'data', $data ); + } + + /** + * Test that the /wp-json/kit/v1/restrict-content/subscriber-authentication REST API route when + * requesting the subscriber authentication email to be sent for a given Tag ID and an invalid subscriber email is given + * + * @since 3.1.0 + */ + public function testRestrictContentSubscriberAuthenticationTagInvalidEmail() + { + // Create a Post. + $post_id = static::factory()->post->create( [ 'post_title' => 'Test Post' ] ); + + // Build request. + $request = new \WP_REST_Request( 'POST', '/kit/v1/restrict-content/subscriber-authentication' ); + $request->set_header( 'Content-Type', 'application/x-www-form-urlencoded' ); + $request->set_body_params( + [ + 'convertkit_email' => 'fail@kit.com', + 'convertkit_resource_type' => 'tag', + 'convertkit_resource_id' => $_ENV['CONVERTKIT_API_TAG_ID'], + 'convertkit_post_id' => $post_id, + ] + ); + + // Send request. + $response = rest_get_server()->dispatch( $request ); + + // Assert response is successful. + $this->assertSame( 200, $response->get_status() ); + + // Assert response data has the expected keys and data. + $data = $response->get_data(); + $this->assertIsArray( $data ); + $this->assertFalse( $data['success'] ); + $this->assertArrayHasKey( 'data', $data ); + } + + /** + * Test that the /wp-json/kit/v1/restrict-content/subscriber-authentication REST API route when + * requesting the subscriber authentication email to be sent for a given Product ID and subscriber + * + * @since 3.1.0 + */ + public function testRestrictContentSubscriberAuthenticationProduct() + { + // Create a Post. + $post_id = static::factory()->post->create( [ 'post_title' => 'Test Post' ] ); + + // Build request. + $request = new \WP_REST_Request( 'POST', '/kit/v1/restrict-content/subscriber-authentication' ); + $request->set_header( 'Content-Type', 'application/x-www-form-urlencoded' ); + $request->set_body_params( + [ + 'convertkit_email' => $_ENV['CONVERTKIT_API_SUBSCRIBER_EMAIL'], + 'convertkit_resource_type' => 'product', + 'convertkit_resource_id' => $_ENV['CONVERTKIT_API_PRODUCT_ID'], + 'convertkit_post_id' => $post_id, + ] + ); + + // Send request. + $response = rest_get_server()->dispatch( $request ); + + // Assert response is successful. + $this->assertSame( 200, $response->get_status() ); + + // Assert response data has the expected keys and data. + $data = $response->get_data(); + $this->assertIsArray( $data ); + $this->assertTrue( $data['success'] ); + $this->assertArrayHasKey( 'data', $data ); + } + + /** + * Test that the /wp-json/kit/v1/restrict-content/subscriber-authentication REST API route when + * requesting the subscriber authentication email to be sent for a given Product ID and an invalid subscriber email is given + * + * @since 3.1.0 + */ + public function testRestrictContentSubscriberAuthenticationProductInvalidEmail() + { + // Create a Post. + $post_id = static::factory()->post->create( [ 'post_title' => 'Test Post' ] ); + + // Build request. + $request = new \WP_REST_Request( 'POST', '/kit/v1/restrict-content/subscriber-authentication' ); + $request->set_header( 'Content-Type', 'application/x-www-form-urlencoded' ); + $request->set_body_params( + [ + 'convertkit_email' => 'fail@kit.com', + 'convertkit_resource_type' => 'product', + 'convertkit_resource_id' => $_ENV['CONVERTKIT_API_PRODUCT_ID'], + 'convertkit_post_id' => $post_id, + ] + ); + + // Send request. + $response = rest_get_server()->dispatch( $request ); + + // Assert response is successful. + $this->assertSame( 200, $response->get_status() ); + + // Assert response data has the expected keys and data. + $data = $response->get_data(); + $this->assertIsArray( $data ); + $this->assertFalse( $data['success'] ); + $this->assertArrayHasKey( 'data', $data ); + } + + /** + * Test that the /wp-json/kit/v1/subscriber/store-email-as-id-in-cookie REST API route stores + * the subscriber ID in a cookie when a valid email address is given. + * + * @since 3.1.7 + */ + public function testStoreEmailAsIDInCookie() + { + // Build request. + $request = new \WP_REST_Request( 'POST', '/kit/v1/subscriber/store-email-as-id-in-cookie' ); + $request->set_header( 'Content-Type', 'application/json' ); + $request->set_body_params( + [ + 'email' => $_ENV['CONVERTKIT_API_SUBSCRIBER_EMAIL'], + ], + ); + + // Send request. + $response = rest_get_server()->dispatch( $request ); + + // Assert response is successful. + $this->assertSame( 200, $response->get_status() ); + + // Assert response data has the expected keys and data. + $data = $response->get_data(); + $this->assertIsArray( $data ); + $this->assertEquals( (int) $_ENV['CONVERTKIT_API_SUBSCRIBER_ID'], (int) $data['id'] ); + } +} diff --git a/tests/Integration/RESTAPITest.php b/tests/Integration/RESTAPITest.php index e84ce8c4d..ff085d920 100644 --- a/tests/Integration/RESTAPITest.php +++ b/tests/Integration/RESTAPITest.php @@ -306,222 +306,6 @@ public function testRefreshResourcesRestrictContent() $this->assertArrayHasKeys( $data['products'][0], [ 'id', 'name', 'url', 'published' ] ); } - /** - * Test that the /wp-json/kit/v1/restrict-content/subscriber-authentication REST API route when - * requesting the subscriber authentication email to be sent for a given Form ID and subscriber - * - * @since 3.1.0 - */ - public function testRestrictContentSubscriberAuthenticationForm() - { - // Create a Post. - $post_id = static::factory()->post->create( [ 'post_title' => 'Test Post' ] ); - - // Build request. - $request = new \WP_REST_Request( 'POST', '/kit/v1/restrict-content/subscriber-authentication' ); - $request->set_header( 'Content-Type', 'application/x-www-form-urlencoded' ); - $request->set_body_params( - [ - 'convertkit_email' => $_ENV['CONVERTKIT_API_SUBSCRIBER_EMAIL'], - 'convertkit_resource_type' => 'form', - 'convertkit_resource_id' => $_ENV['CONVERTKIT_API_FORM_ID'], - 'convertkit_post_id' => $post_id, - ] - ); - - // Send request. - $response = rest_get_server()->dispatch( $request ); - - // Assert response is successful. - $this->assertSame( 200, $response->get_status() ); - - // Assert response data has the expected keys and data. - $data = $response->get_data(); - $this->assertIsArray( $data ); - $this->assertTrue( $data['success'] ); - $this->assertArrayHasKey( 'data', $data ); - } - - /** - * Test that the /wp-json/kit/v1/restrict-content/subscriber-authentication REST API route when - * requesting the subscriber authentication email to be sent for a given Form ID and an invalid subscriber email is given - * - * @since 3.1.0 - */ - public function testRestrictContentSubscriberAuthenticationFormInvalidEmail() - { - // Create a Post. - $post_id = static::factory()->post->create( [ 'post_title' => 'Test Post' ] ); - - // Build request. - $request = new \WP_REST_Request( 'POST', '/kit/v1/restrict-content/subscriber-authentication' ); - $request->set_header( 'Content-Type', 'application/x-www-form-urlencoded' ); - $request->set_body_params( - [ - 'convertkit_email' => 'fail@kit.com', - 'convertkit_resource_type' => 'form', - 'convertkit_resource_id' => $_ENV['CONVERTKIT_API_FORM_ID'], - 'convertkit_post_id' => $post_id, - ] - ); - - // Send request. - $response = rest_get_server()->dispatch( $request ); - - // Assert response is successful. - $this->assertSame( 200, $response->get_status() ); - - // Assert response data has the expected keys and data. - $data = $response->get_data(); - $this->assertIsArray( $data ); - $this->assertFalse( $data['success'] ); - $this->assertArrayHasKey( 'data', $data ); - } - - /** - * Test that the /wp-json/kit/v1/restrict-content/subscriber-authentication REST API route when - * requesting the subscriber authentication email to be sent for a given Tag ID and subscriber - * - * @since 3.1.0 - */ - public function testRestrictContentSubscriberAuthenticationTag() - { - // Create a Post. - $post_id = static::factory()->post->create( [ 'post_title' => 'Test Post' ] ); - - // Build request. - $request = new \WP_REST_Request( 'POST', '/kit/v1/restrict-content/subscriber-authentication' ); - $request->set_header( 'Content-Type', 'application/x-www-form-urlencoded' ); - $request->set_body_params( - [ - 'convertkit_email' => $_ENV['CONVERTKIT_API_SUBSCRIBER_EMAIL'], - 'convertkit_resource_type' => 'tag', - 'convertkit_resource_id' => $_ENV['CONVERTKIT_API_TAG_ID'], - 'convertkit_post_id' => $post_id, - ] - ); - - // Send request. - $response = rest_get_server()->dispatch( $request ); - - // Assert response is successful. - $this->assertSame( 200, $response->get_status() ); - - // Assert response data has the expected keys and data. - $data = $response->get_data(); - $this->assertIsArray( $data ); - $this->assertTrue( $data['success'] ); - $this->assertArrayHasKey( 'data', $data ); - } - - /** - * Test that the /wp-json/kit/v1/restrict-content/subscriber-authentication REST API route when - * requesting the subscriber authentication email to be sent for a given Tag ID and an invalid subscriber email is given - * - * @since 3.1.0 - */ - public function testRestrictContentSubscriberAuthenticationTagInvalidEmail() - { - // Create a Post. - $post_id = static::factory()->post->create( [ 'post_title' => 'Test Post' ] ); - - // Build request. - $request = new \WP_REST_Request( 'POST', '/kit/v1/restrict-content/subscriber-authentication' ); - $request->set_header( 'Content-Type', 'application/x-www-form-urlencoded' ); - $request->set_body_params( - [ - 'convertkit_email' => 'fail@kit.com', - 'convertkit_resource_type' => 'tag', - 'convertkit_resource_id' => $_ENV['CONVERTKIT_API_TAG_ID'], - 'convertkit_post_id' => $post_id, - ] - ); - - // Send request. - $response = rest_get_server()->dispatch( $request ); - - // Assert response is successful. - $this->assertSame( 200, $response->get_status() ); - - // Assert response data has the expected keys and data. - $data = $response->get_data(); - $this->assertIsArray( $data ); - $this->assertFalse( $data['success'] ); - $this->assertArrayHasKey( 'data', $data ); - } - - /** - * Test that the /wp-json/kit/v1/restrict-content/subscriber-authentication REST API route when - * requesting the subscriber authentication email to be sent for a given Product ID and subscriber - * - * @since 3.1.0 - */ - public function testRestrictContentSubscriberAuthenticationProduct() - { - // Create a Post. - $post_id = static::factory()->post->create( [ 'post_title' => 'Test Post' ] ); - - // Build request. - $request = new \WP_REST_Request( 'POST', '/kit/v1/restrict-content/subscriber-authentication' ); - $request->set_header( 'Content-Type', 'application/x-www-form-urlencoded' ); - $request->set_body_params( - [ - 'convertkit_email' => $_ENV['CONVERTKIT_API_SUBSCRIBER_EMAIL'], - 'convertkit_resource_type' => 'product', - 'convertkit_resource_id' => $_ENV['CONVERTKIT_API_PRODUCT_ID'], - 'convertkit_post_id' => $post_id, - ] - ); - - // Send request. - $response = rest_get_server()->dispatch( $request ); - - // Assert response is successful. - $this->assertSame( 200, $response->get_status() ); - - // Assert response data has the expected keys and data. - $data = $response->get_data(); - $this->assertIsArray( $data ); - $this->assertTrue( $data['success'] ); - $this->assertArrayHasKey( 'data', $data ); - } - - /** - * Test that the /wp-json/kit/v1/restrict-content/subscriber-authentication REST API route when - * requesting the subscriber authentication email to be sent for a given Product ID and an invalid subscriber email is given - * - * @since 3.1.0 - */ - public function testRestrictContentSubscriberAuthenticationProductInvalidEmail() - { - // Create a Post. - $post_id = static::factory()->post->create( [ 'post_title' => 'Test Post' ] ); - - // Build request. - $request = new \WP_REST_Request( 'POST', '/kit/v1/restrict-content/subscriber-authentication' ); - $request->set_header( 'Content-Type', 'application/x-www-form-urlencoded' ); - $request->set_body_params( - [ - 'convertkit_email' => 'fail@kit.com', - 'convertkit_resource_type' => 'product', - 'convertkit_resource_id' => $_ENV['CONVERTKIT_API_PRODUCT_ID'], - 'convertkit_post_id' => $post_id, - ] - ); - - // Send request. - $response = rest_get_server()->dispatch( $request ); - - // Assert response is successful. - $this->assertSame( 200, $response->get_status() ); - - // Assert response data has the expected keys and data. - $data = $response->get_data(); - $this->assertIsArray( $data ); - $this->assertFalse( $data['success'] ); - $this->assertArrayHasKey( 'data', $data ); - } - /** * Test that the /wp-json/kit/v1/subscriber/store-email-as-id-in-cookie REST API route stores * the subscriber ID in a cookie when a valid email address is given.