ben/upskill-event-manager
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2

refactor: Replace Zoho .env configuration with WordPress admin interface

Browse source 
- Replace environment variable-based configuration with user-friendly admin interface
- Add credentials configuration form with Client ID and Secret fields
- Implement OAuth authorization flow directly from admin interface
- Add comprehensive credential validation and error handling
- Update Zoho auth class to use WordPress options instead of defined constants
- Add improved admin styling with responsive design
- Include copy-to-clipboard functionality for redirect URI
- Maintain backward compatibility with existing config file approach

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
bengizmo 2025-06-14 23:57:20 -03:00
parent 5896765533
commit 0c661a1a56
3 changed files with 458 additions and 149 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

123
wordpress-dev/wordpress/wp-content/plugins/hvac-community-events/assets/css/zoho-admin.css
View file

@ -1,7 +1,66 @@
/**
* Zoho CRM Admin Styles
* Zoho CRM Admin Interface Styles
*/
/* Credentials Configuration Section */
.hvac-zoho-credentials {
background: #fff;
border: 1px solid #c3c4c7;
border-radius: 4px;
padding: 20px;
margin: 20px 0;
box-shadow: 0 1px 1px rgba(0,0,0,0.04);
}
.hvac-zoho-credentials h2 {
margin-top: 0;
margin-bottom: 15px;
color: #1d2327;
font-size: 1.3em;
}
.hvac-zoho-credentials .form-table th {
width: 200px;
padding: 15px 10px 15px 0;
}
.hvac-zoho-credentials .form-table td {
padding: 15px 10px;
}
.hvac-zoho-credentials input[type="text"],
.hvac-zoho-credentials input[type="password"] {
width: 100%;
max-width: 500px;
}
.hvac-zoho-credentials .description {
color: #646970;
font-size: 13px;
margin-top: 5px;
}
.hvac-zoho-credentials .description a {
color: #2271b1;
text-decoration: none;
}
.hvac-zoho-credentials .description a:hover {
color: #135e96;
text-decoration: underline;
}
.hvac-zoho-credentials code {
background: #f6f7f7;
border: 1px solid #c3c4c7;
padding: 8px 12px;
border-radius: 3px;
font-family: Consolas, Monaco, monospace;
font-size: 13px;
display: inline-block;
margin-right: 10px;
}
/* Main Sections */
.hvac-zoho-status,
.hvac-zoho-sync,
@ -9,8 +68,9 @@
margin-top: 30px;
background: #fff;
padding: 20px;
border: 1px solid #ccc;
border: 1px solid #c3c4c7;
border-radius: 4px;
box-shadow: 0 1px 1px rgba(0,0,0,0.04);
}
.sync-section {
@ -125,4 +185,63 @@ code {
margin-top: 0.5em;
margin-bottom: 0.5em;
color: #0073aa;
}
/* Status indicators */
.dashicons.dashicons-yes-alt {
color: #46b450;
}
.dashicons.dashicons-warning {
color: #ffb900;
}
.dashicons.dashicons-dismiss {
color: #dc3232;
}
/* Copy button styling */
#copy-redirect-uri {
font-size: 11px;
height: 22px;
line-height: 20px;
padding: 0 8px;
margin-left: 8px;
}
/* OAuth button styling */
#start-oauth {
background: #00a32a;
border-color: #00a32a;
color: #fff;
}
#start-oauth:hover {
background: #008a20;
border-color: #008a20;
}
/* Loading states */
.button[disabled] {
opacity: 0.6;
cursor: not-allowed;
}
/* Responsive adjustments */
@media (max-width: 782px) {
.hvac-zoho-credentials .form-table th,
.hvac-zoho-credentials .form-table td {
display: block;
width: 100%;
padding: 10px 0;
}
.hvac-zoho-credentials .form-table th {
padding-bottom: 5px;
}
.hvac-zoho-credentials input[type="text"],
.hvac-zoho-credentials input[type="password"] {
max-width: none;
}
}

444
wordpress-dev/wordpress/wp-content/plugins/hvac-community-events/includes/admin/class-zoho-admin.php
View file

@ -22,6 +22,7 @@ class HVAC_Zoho_Admin {
add_action('admin_enqueue_scripts', array($this, 'enqueue_admin_scripts'));
add_action('wp_ajax_hvac_zoho_test_connection', array($this, 'test_connection'));
add_action('wp_ajax_hvac_zoho_sync_data', array($this, 'sync_data'));
add_action('wp_ajax_hvac_zoho_save_credentials', array($this, 'save_credentials'));
// Add simple test handler
add_action('wp_ajax_hvac_zoho_simple_test', array($this, 'simple_test'));
// Add OAuth callback handler
@ -94,8 +95,6 @@ class HVAC_Zoho_Admin {
* Render admin page
*/
public function render_admin_page() {
$config_file = HVAC_CE_PLUGIN_DIR . 'includes/zoho/zoho-config.php';
$is_configured = file_exists($config_file);
$site_url = get_site_url();
$is_staging = strpos($site_url, 'upskillhvac.com') === false;
@ -115,6 +114,24 @@ class HVAC_Zoho_Admin {
break;
}
}
// Get stored credentials
$client_id = get_option('hvac_zoho_client_id', '');
$client_secret = get_option('hvac_zoho_client_secret', '');
$stored_refresh_token = get_option('hvac_zoho_refresh_token', '');
$has_credentials = !empty($client_id) && !empty($client_secret);
// Handle form submission
if (isset($_GET['credentials_saved'])) {
echo '<div class="notice notice-success is-dismissible"><p>Zoho CRM credentials saved successfully!</p></div>';
}
if (isset($_GET['oauth_success'])) {
echo '<div class="notice notice-success is-dismissible"><p>OAuth authorization completed successfully!</p></div>';
}
if (isset($_GET['oauth_error'])) {
echo '<div class="notice notice-error is-dismissible"><p>OAuth authorization failed. Please try again.</p></div>';
}
?>
<div class="wrap">
<h1>Zoho CRM Sync</h1>
@ -125,55 +142,98 @@ class HVAC_Zoho_Admin {
<p><strong>Current site:</strong> <?php echo esc_html($site_url); ?></p>
<p>Staging mode is active. Data sync will be simulated only. No actual data will be sent to Zoho CRM.</p>
<p>Production sync is only enabled on <strong>upskillhvac.com</strong></p>
<p><strong>OAuth Redirect URI:</strong> <?php echo defined('ZOHO_REDIRECT_URI') ? esc_html(ZOHO_REDIRECT_URI) : 'Not defined'; ?></p>
<p><em>If you're having connection issues, please ensure your Zoho OAuth settings match this redirect URI.</em></p>
<p><strong>OAuth Redirect URI:</strong> <?php echo esc_html($site_url . '/oauth/callback'); ?></p>
<p><em>Use this redirect URI in your Zoho OAuth app configuration.</em></p>
</div>
<?php endif; ?>
<?php if (!$is_configured): ?>
<div class="notice notice-warning">
<p>Zoho CRM is not configured. Please complete the OAuth setup first.</p>
<p>Run: <code>./bin/zoho-setup-complete.sh</code></p>
</div>
<?php else: ?>
<!-- Credentials Configuration Section -->
<div class="hvac-zoho-credentials">
<h2>🔑 Zoho CRM Credentials</h2>
<form id="zoho-credentials-form" method="post">
<?php wp_nonce_field('hvac_zoho_credentials', 'hvac_zoho_nonce'); ?>
<table class="form-table">
<tr>
<th scope="row">
<label for="zoho_client_id">Client ID</label>
</th>
<td>
<input type="text" id="zoho_client_id" name="zoho_client_id"
value="<?php echo esc_attr($client_id); ?>"
class="regular-text"
placeholder="1000.XXXXXXXXXXXXXXXXXXXXXXXX" />
<p class="description">
Your Zoho OAuth Client ID from the Zoho Developer Console.
<a href="https://accounts.zoho.com/developerconsole" target="_blank">Get your Client ID</a>
</p>
</td>
</tr>
<tr>
<th scope="row">
<label for="zoho_client_secret">Client Secret</label>
</th>
<td>
<input type="password" id="zoho_client_secret" name="zoho_client_secret"
value="<?php echo esc_attr($client_secret); ?>"
class="regular-text"
placeholder="Enter your client secret" />
<p class="description">
Your Zoho OAuth Client Secret from the Zoho Developer Console.
<button type="button" id="toggle-secret" class="button button-small">Show</button>
</p>
</td>
</tr>
<tr>
<th scope="row">OAuth Redirect URI</th>
<td>
<code><?php echo esc_html($site_url . '/oauth/callback'); ?></code>
<p class="description">
Use this exact URL in your Zoho OAuth app configuration.
<button type="button" id="copy-redirect-uri" class="button button-small">Copy</button>
</p>
</td>
</tr>
<tr>
<th scope="row">Connection Status</th>
<td>
<?php if (!$has_credentials): ?>
<span class="dashicons dashicons-dismiss" style="color: #dc3232;"></span>
<span style="color: #dc3232;">No credentials configured</span>
<?php elseif (empty($stored_refresh_token)): ?>
<span class="dashicons dashicons-warning" style="color: #ffb900;"></span>
<span style="color: #ffb900;">Credentials set, OAuth authorization required</span>
<?php else: ?>
<span class="dashicons dashicons-yes-alt" style="color: #46b450;"></span>
<span style="color: #46b450;">Connected and authorized</span>
<?php endif; ?>
</td>
</tr>
</table>
<p class="submit">
<button type="submit" class="button button-primary" id="save-credentials">
Save Credentials
</button>
<?php if ($has_credentials && empty($stored_refresh_token)): ?>
<button type="button" class="button button-secondary" id="start-oauth" style="margin-left: 10px;">
🚀 Authorize with Zoho
</button>
<?php endif; ?>
</p>
</form>
</div>
<?php if ($has_credentials): ?>
<div class="hvac-zoho-status">
<h2>Connection Status</h2>
<h2>Connection Test</h2>
<p>Test your Zoho CRM connection to ensure everything is working properly.</p>
<?php
// Check for OAuth authorization requirement
if (file_exists($config_file)) {
require_once $config_file;
}
$stored_refresh_token = get_option('hvac_zoho_refresh_token');
$has_credentials = defined('ZOHO_CLIENT_ID') && !empty(ZOHO_CLIENT_ID) && defined('ZOHO_CLIENT_SECRET') && !empty(ZOHO_CLIENT_SECRET);
if ($has_credentials && empty($stored_refresh_token)):
// Show OAuth authorization directly
require_once HVAC_CE_PLUGIN_DIR . 'includes/zoho/class-zoho-crm-auth.php';
$auth = new HVAC_Zoho_CRM_Auth();
$auth_url = $auth->get_authorization_url();
?>
<?php if (empty($stored_refresh_token)): ?>
<div class="notice notice-warning">
<h3>🔐 OAuth Authorization Required</h3>
<p><strong>You have valid credentials but need to complete OAuth authorization to get a fresh token</strong></p>
<ol>
<li>Click the authorization URL below</li>
<li>Sign in to your Zoho account</li>
<li>Grant permissions to the application</li>
<li>You will be redirected back and the refresh token will be saved automatically</li>
</ol>
<p>
<a href="<?php echo esc_url($auth_url); ?>" target="_blank" class="button button-primary" style="margin: 10px 0;">
🚀 Authorize with Zoho CRM
</a>
</p>
<p><strong>Current Status:</strong></p>
<ul>
<li>Client ID: <?php echo esc_html(substr(ZOHO_CLIENT_ID, 0, 10) . '...'); ?></li>
<li>Client Secret: Loaded</li>
<li>Refresh Token: Missing</li>
</ul>
<p><em>After authorization, refresh this page and test the connection.</em></p>
<p><strong>⚠️ OAuth Authorization Required</strong></p>
<p>You have saved credentials but need to authorize the application with Zoho CRM.</p>
<p>Click "Authorize with Zoho" above to complete the setup.</p>
</div>
<?php else: ?>
<button class="button button-primary" id="test-connection">Test Connection</button>
@ -228,6 +288,82 @@ class HVAC_Zoho_Admin {
</div>
<?php endif; ?>
</div>
<script>
jQuery(document).ready(function($) {
// Toggle password visibility
$('#toggle-secret').on('click', function() {
var passwordField = $('#zoho_client_secret');
var toggleBtn = $(this);
if (passwordField.attr('type') === 'password') {
passwordField.attr('type', 'text');
toggleBtn.text('Hide');
} else {
passwordField.attr('type', 'password');
toggleBtn.text('Show');
}
});
// Copy redirect URI to clipboard
$('#copy-redirect-uri').on('click', function() {
var redirectUri = '<?php echo esc_js($site_url . '/oauth/callback'); ?>';
navigator.clipboard.writeText(redirectUri).then(function() {
$('#copy-redirect-uri').text('Copied!').prop('disabled', true);
setTimeout(function() {
$('#copy-redirect-uri').text('Copy').prop('disabled', false);
}, 2000);
});
});
// Handle credentials form submission
$('#zoho-credentials-form').on('submit', function(e) {
e.preventDefault();
var formData = {
action: 'hvac_zoho_save_credentials',
zoho_client_id: $('#zoho_client_id').val(),
zoho_client_secret: $('#zoho_client_secret').val(),
nonce: $('input[name="hvac_zoho_nonce"]').val()
};
$('#save-credentials').prop('disabled', true).text('Saving...');
$.post(ajaxurl, formData, function(response) {
if (response.success) {
window.location.href = window.location.href + '&credentials_saved=1';
} else {
alert('Error saving credentials: ' + response.data.message);
$('#save-credentials').prop('disabled', false).text('Save Credentials');
}
});
});
// Handle OAuth authorization
$('#start-oauth').on('click', function() {
var clientId = $('#zoho_client_id').val();
var clientSecret = $('#zoho_client_secret').val();
if (!clientId || !clientSecret) {
alert('Please save your credentials first before starting OAuth authorization.');
return;
}
// Generate OAuth URL
var redirectUri = '<?php echo esc_js($site_url . '/oauth/callback'); ?>';
var scopes = 'ZohoCRM.settings.ALL,ZohoCRM.modules.ALL,ZohoCRM.users.ALL,ZohoCRM.org.ALL,ZohoCRM.bulk.READ';
var oauthUrl = 'https://accounts.zoho.com/oauth/v2/auth?' +
'scope=' + encodeURIComponent(scopes) +
'&client_id=' + encodeURIComponent(clientId) +
'&response_type=code' +
'&access_type=offline' +
'&redirect_uri=' + encodeURIComponent(redirectUri) +
'&prompt=consent';
window.open(oauthUrl, '_blank');
});
});
</script>
<?php
}
@ -239,6 +375,47 @@ class HVAC_Zoho_Admin {
wp_send_json_success(array('message' => 'Simple test works!'));
}
/**
* Save Zoho CRM credentials
*/
public function save_credentials() {
if (!current_user_can('manage_options')) {
wp_send_json_error(array('message' => 'Unauthorized access'));
return;
}
if (!check_ajax_referer('hvac_zoho_credentials', 'nonce', false)) {
wp_send_json_error(array('message' => 'Invalid nonce'));
return;
}
$client_id = sanitize_text_field($_POST['zoho_client_id']);
$client_secret = sanitize_text_field($_POST['zoho_client_secret']);
if (empty($client_id) || empty($client_secret)) {
wp_send_json_error(array('message' => 'Client ID and Client Secret are required'));
return;
}
// Validate Client ID format (should start with "1000.")
if (!preg_match('/^1000\.[A-Z0-9]+$/', $client_id)) {
wp_send_json_error(array('message' => 'Invalid Client ID format. Should start with "1000."'));
return;
}
// Save credentials
update_option('hvac_zoho_client_id', $client_id);
update_option('hvac_zoho_client_secret', $client_secret);
// Clear any existing refresh token since credentials changed
delete_option('hvac_zoho_refresh_token');
wp_send_json_success(array(
'message' => 'Credentials saved successfully',
'client_id_preview' => substr($client_id, 0, 10) . '...'
));
}
/**
* Add OAuth query vars
*/
@ -273,27 +450,56 @@ class HVAC_Zoho_Admin {
error_log('OAuth callback received with code: ' . substr($_GET['code'], 0, 20) . '...');
// Load Zoho configuration
$config_file = HVAC_CE_PLUGIN_DIR . 'includes/zoho/zoho-config.php';
if (file_exists($config_file)) {
require_once $config_file;
// Get credentials from WordPress options
$client_id = get_option('hvac_zoho_client_id', '');
$client_secret = get_option('hvac_zoho_client_secret', '');
if (empty($client_id) || empty($client_secret)) {
wp_die('OAuth callback error: Missing client credentials. Please configure your Zoho CRM credentials first.');
}
require_once HVAC_CE_PLUGIN_DIR . 'includes/zoho/class-zoho-crm-auth.php';
$auth = new HVAC_Zoho_CRM_Auth();
// Exchange authorization code for tokens
$token_url = 'https://accounts.zoho.com/oauth/v2/token';
$redirect_uri = get_site_url() . '/oauth/callback';
// Exchange code for refresh token
$result = $auth->exchange_code_for_tokens($_GET['code']);
$token_params = array(
'grant_type' => 'authorization_code',
'client_id' => $client_id,
'client_secret' => $client_secret,
'redirect_uri' => $redirect_uri,
'code' => $_GET['code']
);
if ($result) {
// Success - redirect to admin page with success message
wp_redirect(admin_url('admin.php?page=hvac-zoho-sync&oauth=success'));
exit;
} else {
// Error - redirect with error message
wp_redirect(admin_url('admin.php?page=hvac-zoho-sync&oauth=error'));
$response = wp_remote_post($token_url, array(
'body' => $token_params,
'timeout' => 30
));
if (is_wp_error($response)) {
error_log('OAuth token exchange error: ' . $response->get_error_message());
wp_redirect(admin_url('admin.php?page=hvac-zoho-sync&oauth_error=1'));
exit;
}
$body = wp_remote_retrieve_body($response);
$token_data = json_decode($body, true);
if (!isset($token_data['access_token']) || !isset($token_data['refresh_token'])) {
error_log('OAuth token exchange failed: ' . $body);
wp_redirect(admin_url('admin.php?page=hvac-zoho-sync&oauth_error=1'));
exit;
}
// Save the refresh token for future use
update_option('hvac_zoho_refresh_token', $token_data['refresh_token']);
update_option('hvac_zoho_access_token', $token_data['access_token']);
update_option('hvac_zoho_token_expires', time() + $token_data['expires_in']);
error_log('OAuth tokens saved successfully');
// Success - redirect to admin page with success message
wp_redirect(admin_url('admin.php?page=hvac-zoho-sync&oauth_success=1'));
exit;
}
/**
@ -312,8 +518,7 @@ class HVAC_Zoho_Admin {
error_log('test_connection method called');
try {
// Skip nonce check for now to debug
// check_ajax_referer('hvac_zoho_nonce', 'nonce');
check_ajax_referer('hvac_zoho_nonce', 'nonce');
if (!current_user_can('manage_options')) {
wp_send_json_error(array('message' => 'Unauthorized access'));
@ -322,97 +527,65 @@ class HVAC_Zoho_Admin {
error_log('Authorization check passed');
// Load Zoho configuration
$config_file = HVAC_CE_PLUGIN_DIR . 'includes/zoho/zoho-config.php';
if (file_exists($config_file)) {
require_once $config_file;
error_log('Zoho config loaded');
} else {
error_log('Zoho config file not found: ' . $config_file);
}
// Get credentials from WordPress options
$client_id = get_option('hvac_zoho_client_id', '');
$client_secret = get_option('hvac_zoho_client_secret', '');
// Simple .env loading first
$env_file = ABSPATH . '.env';
$debug_info = array(
'env_file_exists' => file_exists($env_file),
'env_file_path' => $env_file,
'abspath' => ABSPATH
);
if (file_exists($env_file)) {
$content = file_get_contents($env_file);
if (preg_match('/ZOHO_CLIENT_ID=([^\r\n]+)/', $content, $matches)) {
if (!defined('ZOHO_CLIENT_ID')) {
define('ZOHO_CLIENT_ID', trim($matches[1]));
}
$debug_info['client_id_found'] = 'Yes';
}
if (preg_match('/ZOHO_CLIENT_SECRET=([^\r\n]+)/', $content, $matches)) {
if (!defined('ZOHO_CLIENT_SECRET')) {
define('ZOHO_CLIENT_SECRET', trim($matches[1]));
}
$debug_info['client_secret_found'] = 'Yes';
}
if (preg_match('/ZOHO_REFRESH_TOKEN=([^\r\n]+)/', $content, $matches)) {
if (!defined('ZOHO_REFRESH_TOKEN')) {
define('ZOHO_REFRESH_TOKEN', trim($matches[1]));
}
$debug_info['refresh_token_found'] = 'Yes';
}
}
// Check configuration before attempting connection
if (!defined('ZOHO_CLIENT_ID') || empty(ZOHO_CLIENT_ID)) {
if (empty($client_id)) {
wp_send_json_error(array(
'message' => 'Configuration Error',
'error' => 'ZOHO_CLIENT_ID is not configured',
'details' => 'Please check your .env file and ensure ZOHO_CLIENT_ID is set',
'help' => 'Add ZOHO_CLIENT_ID=your_client_id to your .env file',
'debug' => $debug_info
'error' => 'Client ID is not configured',
'details' => 'Please enter your Zoho CRM Client ID in the form above',
'help' => 'Get your Client ID from the Zoho Developer Console'
));
return;
}
if (!defined('ZOHO_CLIENT_SECRET') || empty(ZOHO_CLIENT_SECRET)) {
if (empty($client_secret)) {
wp_send_json_error(array(
'message' => 'Configuration Error',
'error' => 'ZOHO_CLIENT_SECRET is not configured',
'details' => 'Please check your .env file and ensure ZOHO_CLIENT_SECRET is set',
'help' => 'Add ZOHO_CLIENT_SECRET=your_client_secret to your .env file'
'error' => 'Client Secret is not configured',
'details' => 'Please enter your Zoho CRM Client Secret in the form above',
'help' => 'Get your Client Secret from the Zoho Developer Console'
));
return;
}
// Check if we have stored refresh token from previous OAuth
$stored_refresh_token = get_option('hvac_zoho_refresh_token');
$env_refresh_token = defined('ZOHO_REFRESH_TOKEN') ? ZOHO_REFRESH_TOKEN : '';
// If no stored refresh token, trigger OAuth even if env token exists
// (env tokens are often old/expired)
if (empty($stored_refresh_token)) {
error_log('No stored refresh token found, triggering OAuth authorization');
require_once HVAC_CE_PLUGIN_DIR . 'includes/zoho/class-zoho-crm-auth.php';
$auth = new HVAC_Zoho_CRM_Auth();
$auth_url = $auth->get_authorization_url();
$site_url = get_site_url();
$redirect_uri = $site_url . '/oauth/callback';
$scopes = 'ZohoCRM.settings.ALL,ZohoCRM.modules.ALL,ZohoCRM.users.ALL,ZohoCRM.org.ALL,ZohoCRM.bulk.READ';
$auth_url = 'https://accounts.zoho.com/oauth/v2/auth?' . http_build_query(array(
'scope' => $scopes,
'client_id' => $client_id,
'response_type' => 'code',
'access_type' => 'offline',
'redirect_uri' => $redirect_uri,
'prompt' => 'consent'
));
wp_send_json_error(array(
'message' => 'OAuth Authorization Required',
'error' => 'No stored refresh token found',
'details' => 'You have valid credentials but need to complete OAuth authorization to get a fresh token',
'help' => 'Click the authorization link below to complete setup',
'help' => 'Click the "Authorize with Zoho" button above to complete setup',
'next_steps' => array(
'1. Click the authorization URL below',
'1. Click the "Authorize with Zoho" button above',
'2. Sign in to your Zoho account',
'3. Grant permissions to the application',
'4. You will be redirected back and the refresh token will be saved automatically'
),
'auth_url' => $auth_url,
'credentials_status' => array(
'client_id' => substr(ZOHO_CLIENT_ID, 0, 10) . '...',
'client_id' => substr($client_id, 0, 10) . '...',
'client_secret_exists' => true,
'refresh_token_exists' => false,
'env_token_found' => !empty($env_refresh_token)
'refresh_token_exists' => false
)
));
return;
@ -422,7 +595,7 @@ class HVAC_Zoho_Admin {
require_once HVAC_CE_PLUGIN_DIR . 'includes/zoho/class-zoho-crm-auth.php';
$auth = new HVAC_Zoho_CRM_Auth();
error_log('Testing API with refresh token: ' . substr($env_refresh_token ?: $stored_refresh_token, 0, 10) . '...');
error_log('Testing API with refresh token: ' . substr($stored_refresh_token, 0, 10) . '...');
// Test API call
$response = $auth->make_api_request('/settings/modules', 'GET');
@ -449,20 +622,33 @@ class HVAC_Zoho_Admin {
delete_option('hvac_zoho_refresh_token');
$auth_url = $auth->get_authorization_url();
$site_url = get_site_url();
$redirect_uri = $site_url . '/oauth/callback';
$scopes = 'ZohoCRM.settings.ALL,ZohoCRM.modules.ALL,ZohoCRM.users.ALL,ZohoCRM.org.ALL,ZohoCRM.bulk.READ';
$new_auth_url = 'https://accounts.zoho.com/oauth/v2/auth?' . http_build_query(array(
'scope' => $scopes,
'client_id' => $client_id,
'response_type' => 'code',
'access_type' => 'offline',
'redirect_uri' => $redirect_uri,
'prompt' => 'consent'
));
wp_send_json_error(array(
'message' => 'OAuth Authorization Required',
'error' => 'Refresh token expired or invalid',
'details' => 'The stored refresh token is no longer valid. Please re-authorize.',
'help' => 'Click the authorization link below to complete setup',
'help' => 'Refresh the page and click "Authorize with Zoho" again',
'next_steps' => array(
'1. Click the authorization URL below',
'2. Sign in to your Zoho account',
'3. Grant permissions to the application',
'4. You will be redirected back and the refresh token will be saved automatically'
'1. Refresh this page',
'2. Click the "Authorize with Zoho" button',
'3. Sign in to your Zoho account',
'4. Grant permissions to the application',
'5. You will be redirected back and the refresh token will be saved automatically'
),
'auth_url' => $auth_url,
'auth_url' => $new_auth_url,
'credentials_status' => array(
'client_id' => substr(ZOHO_CLIENT_ID, 0, 10) . '...',
'client_id' => substr($client_id, 0, 10) . '...',
'client_secret_exists' => true,
'refresh_token_exists' => false
)
@ -483,7 +669,7 @@ class HVAC_Zoho_Admin {
'message' => 'Connection successful!',
'modules' => isset($response['modules']) ? count($response['modules']) . ' modules available' : 'API connected',
'credentials_status' => array(
'client_id' => substr(ZOHO_CLIENT_ID, 0, 10) . '...',
'client_id' => substr($client_id, 0, 10) . '...',
'client_secret_exists' => true,
'refresh_token_exists' => true,
'api_working' => true

40
wordpress-dev/wordpress/wp-content/plugins/hvac-community-events/includes/zoho/class-zoho-crm-auth.php
View file

@ -23,15 +23,23 @@ class HVAC_Zoho_CRM_Auth {
private $last_error = null;
public function __construct() {
// Load configuration if available
$config_file = plugin_dir_path(__FILE__) . 'zoho-config.php';
if (file_exists($config_file)) {
require_once $config_file;
$this->client_id = defined('ZOHO_CLIENT_ID') ? ZOHO_CLIENT_ID : '';
$this->client_secret = defined('ZOHO_CLIENT_SECRET') ? ZOHO_CLIENT_SECRET : '';
$this->refresh_token = defined('ZOHO_REFRESH_TOKEN') ? ZOHO_REFRESH_TOKEN : '';
$this->redirect_uri = defined('ZOHO_REDIRECT_URI') ? ZOHO_REDIRECT_URI : 'http://localhost:8080/callback';
// Load credentials from WordPress options (new approach)
$this->client_id = get_option('hvac_zoho_client_id', '');
$this->client_secret = get_option('hvac_zoho_client_secret', '');
$this->refresh_token = get_option('hvac_zoho_refresh_token', '');
$this->redirect_uri = get_site_url() . '/oauth/callback';
// Fallback to config file if options are empty (backward compatibility)
if (empty($this->client_id) || empty($this->client_secret)) {
$config_file = plugin_dir_path(__FILE__) . 'zoho-config.php';
if (file_exists($config_file)) {
require_once $config_file;
$this->client_id = empty($this->client_id) && defined('ZOHO_CLIENT_ID') ? ZOHO_CLIENT_ID : $this->client_id;
$this->client_secret = empty($this->client_secret) && defined('ZOHO_CLIENT_SECRET') ? ZOHO_CLIENT_SECRET : $this->client_secret;
$this->refresh_token = empty($this->refresh_token) && defined('ZOHO_REFRESH_TOKEN') ? ZOHO_REFRESH_TOKEN : $this->refresh_token;
$this->redirect_uri = defined('ZOHO_REDIRECT_URI') ? ZOHO_REDIRECT_URI : $this->redirect_uri;
}
}
// Load stored access token from WordPress options
@ -43,7 +51,7 @@ class HVAC_Zoho_CRM_Auth {
*/
public function get_authorization_url() {
$params = array(
'scope' => defined('ZOHO_SCOPES') ? ZOHO_SCOPES : 'ZohoCRM.settings.all,ZohoCRM.modules.all,ZohoCRM.users.all,ZohoCRM.org.all',
'scope' => 'ZohoCRM.settings.ALL,ZohoCRM.modules.ALL,ZohoCRM.users.ALL,ZohoCRM.org.ALL,ZohoCRM.bulk.READ',
'client_id' => $this->client_id,
'response_type' => 'code',
'access_type' => 'offline',
@ -51,16 +59,14 @@ class HVAC_Zoho_CRM_Auth {
'prompt' => 'consent'
);
$accounts_url = defined('ZOHO_ACCOUNTS_URL') ? ZOHO_ACCOUNTS_URL : 'https://accounts.zoho.com';
return $accounts_url . '/oauth/v2/auth?' . http_build_query($params);
return 'https://accounts.zoho.com/oauth/v2/auth?' . http_build_query($params);
}
/**
* Exchange authorization code for tokens
*/
public function exchange_code_for_tokens($auth_code) {
$accounts_url = defined('ZOHO_ACCOUNTS_URL') ? ZOHO_ACCOUNTS_URL : 'https://accounts.zoho.com';
$url = $accounts_url . '/oauth/v2/token';
$url = 'https://accounts.zoho.com/oauth/v2/token';
$params = array(
'grant_type' => 'authorization_code',
@ -116,8 +122,7 @@ class HVAC_Zoho_CRM_Auth {
* Refresh access token using refresh token
*/
private function refresh_access_token() {
$accounts_url = defined('ZOHO_ACCOUNTS_URL') ? ZOHO_ACCOUNTS_URL : 'https://accounts.zoho.com';
$url = $accounts_url . '/oauth/v2/token';
$url = 'https://accounts.zoho.com/oauth/v2/token';
$params = array(
'refresh_token' => $this->refresh_token,
@ -209,8 +214,7 @@ class HVAC_Zoho_CRM_Auth {
return new WP_Error('no_token', $error_message);
}
$api_base_url = defined('ZOHO_API_BASE_URL') ? ZOHO_API_BASE_URL : 'https://www.zohoapis.com/crm/v2';
$url = $api_base_url . $endpoint;
$url = 'https://www.zohoapis.com/crm/v2' . $endpoint;
// Log the request details
$this->log_debug('Making ' . $method . ' request to: ' . $url);