magdev/wc-licensed-product
1
Fork 0
Code Issues Pull Requests Actions Releases 4 Activity

Compare commits

base: magdev:v0.5.2
Branches Tags
magdev:main magdev:dev
magdev:v0.7.5 magdev:v0.7.4 magdev:v0.7.3 magdev:v0.7.2 magdev:v0.7.1 magdev:v0.7.0 magdev:v0.6.1 magdev:v0.6.0 magdev:v0.5.12 magdev:v0.5.10 magdev:v0.5.9 magdev:v0.5.8 magdev:v0.5.7 magdev:v0.5.6 magdev:v0.5.5 magdev:v0.5.3 magdev:v0.5.2 magdev:v0.5.1 magdev:v0.5.0 magdev:v0.4.0 magdev:v0.3.9 magdev:v0.3.8 magdev:v0.3.7 magdev:v0.3.6 magdev:v0.3.5 magdev:v0.3.4 magdev:v0.3.3 magdev:v0.3.2 magdev:v0.3.1 magdev:v0.2.2 magdev:v0.2.1 magdev:v0.2.0 magdev:v0.1.0 magdev:v0.0.11 magdev:v0.0.10
...
compare: magdev:v0.6.0
Branches Tags
magdev:dev magdev:main
magdev:v0.7.5 magdev:v0.7.4 magdev:v0.7.3 magdev:v0.7.2 magdev:v0.7.1 magdev:v0.7.0 magdev:v0.6.1 magdev:v0.6.0 magdev:v0.5.12 magdev:v0.5.10 magdev:v0.5.9 magdev:v0.5.8 magdev:v0.5.7 magdev:v0.5.6 magdev:v0.5.5 magdev:v0.5.3 magdev:v0.5.2 magdev:v0.5.1 magdev:v0.5.0 magdev:v0.4.0 magdev:v0.3.9 magdev:v0.3.8 magdev:v0.3.7 magdev:v0.3.6 magdev:v0.3.5 magdev:v0.3.4 magdev:v0.3.3 magdev:v0.3.2 magdev:v0.3.1 magdev:v0.2.2 magdev:v0.2.1 magdev:v0.2.0 magdev:v0.1.0 magdev:v0.0.11 magdev:v0.0.10

33 Commits
v0.5.2 ... v0.6.0

Author SHA1 Message Date
magdev
b670bacf27 Add WordPress auto-update functionality (v0.6.0) 
- Add UpdateController REST API endpoint for serving update info to licensed plugins
- Add PluginUpdateChecker singleton for client-side update checking
- Hook into WordPress native plugin update system (pre_set_site_transient_update_plugins, plugins_api)
- Add Auto-Updates settings subtab with enable/disable and check frequency options
- Add authentication headers for secure download requests
- Support configurable cache TTL for update checks (default 12 hours)
- Document /update-check endpoint in OpenAPI specification
- Update German translations

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 20:14:11 +01:00
magdev
f8f6434342 Update CLAUDE.md with v0.5.14 and v0.5.15 session history 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 17:48:36 +01:00
magdev
dace416608 Add checksum file for v0.5.15 release 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 17:43:36 +01:00
magdev
72017f4c62 Fix tab rendering bug in WooCommerce product edit page (v0.5.15) 
- Simplified JavaScript to avoid conflicts with WooCommerce's native show/hide logic
- Removed conflicting CSS rule for .hide_if_licensed
- License Settings tab uses CSS class toggle for proper display
- Variations tab properly shows for licensed-variable via woocommerce_product_data_tabs filter

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 17:39:55 +01:00
magdev
f9efe698ea Fix Product Versions meta box not appearing for licensed-variable products (v0.5.14) 
- Product Versions meta box now always added to product pages, visibility controlled via CSS/JavaScript
- Added Installer::registerProductTypes() to create product type terms in the product_type taxonomy
- Product type terms are now ensured to exist on woocommerce_init hook for existing installations
- Fixed License Settings tab and Product Versions visibility toggling when changing product types

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 17:00:34 +01:00
magdev
d2e3b41a00 Add checksum file for v0.5.13 release 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 15:47:00 +01:00
magdev
4b6fafe500 Update CLAUDE.md with v0.5.12 and v0.5.13 session history 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 15:46:12 +01:00
magdev
d29697ac62 Fix licenses not showing in admin order form for variable products (v0.5.13) 
- Fix OrderLicenseController to use isLicensedProduct() for consistent product type detection
- Fixed expected licenses calculation for variable product orders
- Fixed manual license generation from admin order page for variable products
- Remove debug logging from all source files (PHP and JavaScript)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 15:45:32 +01:00
magdev
142500cab0 Fix stock indicator on licensed variable products (v0.5.12) 
- Fixed stock indicator appearing in cart for licensed variable products
- Override get_children() with direct SQL query to bypass WooCommerce type check
- Override get_variation_attributes() for proper taxonomy attribute loading
- Override get_variation_prices() to prevent null array errors
- Override get_available_variations() with empty availability_html
- Added is_type() override to pass variable type checks
- Added multiple stock-related filters for comprehensive coverage
- Improved isLicensedProductOrVariation() with DB-level parent type check

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 14:44:57 +01:00
magdev
20fb39d1a1 Update CLAUDE.md with v0.5.8-0.5.11 session history 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 13:59:00 +01:00
magdev
953aa6c8e8 Fix licensed variable products showing as sold out (v0.5.11) 
- Fixed is_purchasable() method in LicensedVariableProduct to delegate to
  parent WC_Product_Variable instead of checking for price (variable products
  don't have direct prices, only their variations do)
- Fixed getProductClass() filter to accept all 4 WooCommerce parameters
  and use product_id for reliable variation parent detection
- Fallback to global $post when product_id not available for backwards compat

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 13:58:07 +01:00
magdev
db4966caf2 Add release package v0.5.10 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 13:52:51 +01:00
magdev
9c4232f14f Fix licensed variable products not showing variations (v0.5.10) 
- Re-load product via wc_get_product() to ensure correct class instance
- Removed overly strict type check that prevented variations from displaying
- Now mirrors WooCommerce's standard woocommerce_variable_add_to_cart()

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 13:51:46 +01:00
magdev
0638767ce3 Add release package v0.5.9 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 13:41:58 +01:00
magdev
9826c8181e Fix frontend error on licensed variable products without attributes (v0.5.9) 
- Added null checks for get_variation_attributes(), get_available_variations(), get_default_attributes()
- Show informative message when product has no variations configured
- Changed product type check from instanceof to is_type() for better compatibility

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 13:40:50 +01:00
magdev
fa972ceaf0 Add release package v0.5.8 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 13:36:24 +01:00
magdev
3abf05cff3 Update translations for v0.5.8 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 13:35:02 +01:00
magdev
169eed65eb Fix critical error and variants tab on licensed variable products (v0.5.8) 
- Fixed critical error on frontend product pages for licensed variable products
- Variable product add-to-cart template now passes required variables
- Variants tab no longer disappears when saving attributes
- Added WooCommerce AJAX event listeners for tab visibility

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 13:34:27 +01:00
magdev
90cb8d97bd Update CLAUDE.md with v0.5.6 and v0.5.7 session history 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 11:59:48 +01:00
magdev
fc281f7f4a Add release package v0.5.7 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 11:56:26 +01:00
magdev
962368d35f Update translations for v0.5.7 
- Updated POT template with 388 strings
- All German (de_CH) strings translated
- Recompiled .mo file

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 11:55:18 +01:00
magdev
4dcace6f06 Remove Default prefix from settings labels (v0.5.7) 
- Max Activations (was "Default Max Activations")
- License Validity (Days) (was "Default License Validity (Days)")
- Bind to Major Version (was "Default Bind to Major Version")

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 11:54:31 +01:00
magdev
62aecc0240 Add release package v0.5.6 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 11:38:54 +01:00
magdev
1f676556f2 Update translations for v0.5.6 
- Regenerated .pot template
- Updated German (de_CH) translations (391 strings)
- Fixed duplicate translation entries
- Compiled .mo file

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 11:36:53 +01:00
magdev
5f51aafe3b Fix License Settings tab visibility and update README (v0.5.6) 
- License Settings tab now only shows for licensed and licensed-variable product types
- Fixed CSS that forced show_if_licensed to always display
- Improved JavaScript for proper tab show/hide on product type change
- Updated README.md with complete v0.5.x feature documentation:
  - Variable Licensed Products
  - Multi-Domain Licensing
  - Per-License Customer Secrets
  - Download Statistics
  - Configurable Rate Limiting

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 11:29:56 +01:00
magdev
279b0d5dd6 Add release package v0.5.5 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-26 17:10:52 +01:00
magdev
086755cb11 Update translations for v0.5.5 
Regenerated .pot template and recompiled German translations.
All 391 strings translated.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-26 17:07:36 +01:00
magdev
0b58de193e Fix critical signature compatibility with client library (v0.5.5) 
CRITICAL: Key derivation now uses native hash_hkdf() for RFC 5869
compliance. Previous custom implementation was incompatible with
the magdev/wc-licensed-product-client library.

Changes:
- ResponseSigner::deriveCustomerSecret() now uses hash_hkdf()
- Added missing domain validation to /activate endpoint
- Customer secrets will change after upgrade (breaking change)

The signature algorithm now matches the client's ResponseSignature::deriveKey():
- IKM: server_secret
- Length: 32 bytes
- Info: license_key

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-26 17:06:18 +01:00
magdev
ae49b262fa Update wc-licensed-product-client dependency 
Updated magdev/wc-licensed-product-client from 64d215c to 5e4b5a9.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-26 17:02:03 +01:00
magdev
5d5bb7e595 Align REST API with client documentation (v0.5.4) 
Fixed HTTP status codes for API responses:
- /validate now returns 404 for license_not_found (was 403)
- Added status code mapping: 404 not found, 500 server errors, 403 others

Added configurable rate limiting:
- WC_LICENSE_RATE_LIMIT constant for requests per window
- WC_LICENSE_RATE_WINDOW constant for window duration in seconds

Fixed license_key validation:
- Now enforces minimum 8 characters across all endpoints

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-26 17:00:52 +01:00
magdev
bee9854c18 Add release package v0.5.3 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-26 16:15:51 +01:00
magdev
c31df1e8c4 Add licensed variable product support for duration-based licenses (v0.5.3) 
Customers can now purchase licenses with different durations (monthly,
yearly, lifetime) through WooCommerce product variations. Each variation
can have its own license validity settings.

New features:
- LicensedVariableProduct class for variable licensed products
- LicensedProductVariation class for individual variations
- Per-variation license duration and max activations settings
- Duration labels in checkout (Monthly, Quarterly, Yearly, etc.)
- Full support for WooCommerce Blocks checkout with variations
- Updated translations for German (de_CH)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-26 16:14:15 +01:00
magdev
8cac742f57 Update CLAUDE.md with v0.5.2 session history 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-26 15:36:35 +01:00
49 changed files with 4782 additions and 1278 deletions
Expand all files Collapse all files

172
CHANGELOG.md
View File

@@ -7,6 +7,178 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
## [Unreleased]
## [0.5.15] - 2026-01-27
### Fixed
- Fixed tab rendering bug in WooCommerce product edit page when switching to licensed or licensed-variable product types
- Simplified JavaScript to avoid conflicts with WooCommerce's native show/hide logic
- Removed conflicting CSS rule for `.hide_if_licensed` that was causing layout issues
- License Settings tab now uses CSS class toggle (`.wclp-active`) instead of jQuery `.show()/.hide()` for proper display
- Variations tab now properly shows for licensed-variable products via `woocommerce_product_data_tabs` filter
## [0.5.14] - 2026-01-27
### Fixed
- **CRITICAL:** Fixed Product Versions meta box not appearing for licensed-variable products
- Product Versions meta box now always added to product pages, visibility controlled via CSS/JavaScript
- Added `Installer::registerProductTypes()` to create product type terms in the `product_type` taxonomy
- Product type terms are now ensured to exist on `woocommerce_init` hook for existing installations
- Fixed License Settings tab and Product Versions visibility toggling when changing product types
## [0.5.13] - 2026-01-27
### Fixed
- **CRITICAL:** Fixed licenses not showing in admin order form for licensed-variable products
- `OrderLicenseController` now uses `LicenseManager::isLicensedProduct()` for consistent product type detection
- Fixed expected licenses calculation for variable product orders
- Fixed manual license generation from admin order page for variable products
### Changed
- Removed debug logging from all source files (PHP and JavaScript)
- Cleaned up checkout blocks integration, Store API extension, and checkout controller
## [0.5.12] - 2026-01-27
### Fixed
- **CRITICAL:** Fixed stock indicator ("1 in stock") appearing in cart for licensed variable product variations
- Override `get_children()` with direct SQL query to bypass WooCommerce's `is_type('variable')` check
- Override `get_variation_attributes()` to properly load taxonomy attribute terms
- Override `get_variation_prices()` to prevent fatal error with null `$this->prices_array`
- Override `get_available_variations()` with empty `availability_html` for variations
- Added `is_type()` override to return true for both 'licensed-variable' and 'variable' type checks
- Added multiple stock-related filters: `woocommerce_get_availability_text`, `woocommerce_product_get_stock_quantity`, `woocommerce_product_variation_get_stock_quantity`
- Improved `isLicensedProductOrVariation()` check using `WC_Product_Factory::get_product_type()` for reliable parent type detection
### Changed
- `LicensedProductVariation` now includes `get_availability()`, `managing_stock()`, and `is_purchasable()` overrides
- Simplified `isVirtual()` to use shared `isLicensedProductOrVariation()` helper
## [0.5.11] - 2026-01-27
### Fixed
- **CRITICAL:** Fixed "sold out" message on licensed variable products by correcting `is_purchasable()` method
- Variable products don't have a direct price - `is_purchasable()` now delegates to parent `WC_Product_Variable` class
- Fixed variation class detection by using product ID parameter instead of unreliable global `$post`
- Product class filter now properly accepts all 4 WooCommerce filter parameters for reliable variation detection
## [0.5.10] - 2026-01-27
### Fixed
- Fixed licensed variable products not showing variations even when attributes are defined
- Re-load product via `wc_get_product()` to ensure correct class instance is used
- Removed overly strict type check that was preventing variations from displaying
- Now mirrors WooCommerce's standard `woocommerce_variable_add_to_cart()` implementation
## [0.5.9] - 2026-01-27
### Fixed
- Fixed frontend error on licensed variable products when no attributes are defined
- Added null checks for `get_variation_attributes()`, `get_available_variations()`, and `get_default_attributes()`
- Show informative message instead of error when product has no variations configured
- Changed product type check from `instanceof` to `is_type()` for better compatibility
## [0.5.8] - 2026-01-27
### Fixed
- **CRITICAL:** Fixed critical error on frontend product pages for licensed variable products
- Variable product add-to-cart template now passes required variables (`available_variations`, `attributes`, `selected_attributes`)
- Variants tab no longer disappears when saving attributes on licensed variable products
- Added WooCommerce AJAX event listeners to maintain tab visibility during attribute operations
### Changed
- Improved JavaScript event handling for licensed-variable product type in admin
- Added listeners for `woocommerce_variations_loaded`, `woocommerce_variations_added`, `woocommerce_variations_saved` events
- Added AJAX complete handler for attribute save operations
## [0.5.7] - 2026-01-27
### Changed
- Removed "Default" prefix from setting labels on Default Settings page for cleaner UI
- Labels now read "Max Activations", "License Validity (Days)", and "Bind to Major Version"
## [0.5.6] - 2026-01-27
### Fixed
- License Settings tab now only shows for Licensed Product and Licensed Variable Product types
- Previously the tab was visible on all product types due to CSS `!important` override
### Changed
- Improved JavaScript for License Settings tab visibility handling on product type change
- Updated README.md with complete feature documentation for v0.5.x features:
- Variable Licensed Products
- Multi-Domain Licensing
- Per-License Customer Secrets
- Download Statistics
- Configurable Rate Limiting
## [0.5.5] - 2026-01-26
### Fixed
- **CRITICAL:** Response signing key derivation now uses native `hash_hkdf()` for RFC 5869 compliance
- Key derivation now matches client library (`SecureLicenseClient`) exactly
- Added missing domain validation to `/activate` endpoint (1-255 characters)
### Changed
- `ResponseSigner::deriveCustomerSecret()` now uses `hash_hkdf('sha256', $serverSecret, 32, $licenseKey)`
- Previous custom HKDF-like implementation was incompatible with client library
### Security
- Signatures generated by server now verify correctly with `magdev/wc-licensed-product-client`
- All three API endpoints now have consistent parameter validation
## [0.5.4] - 2026-01-26
### Fixed
- REST API `/validate` endpoint now returns HTTP 404 for `license_not_found` error (was 403)
- License key validation now enforces minimum 8 characters per API documentation
### Added
- Configurable rate limiting via `WC_LICENSE_RATE_LIMIT` and `WC_LICENSE_RATE_WINDOW` constants
- Rate limit now defaults to 30 requests per 60 second window (configurable)
### Changed
- Improved HTTP status code mapping: 404 for not found, 500 for server errors, 403 for all other errors
- Rate limiting implementation now uses configurable constants instead of hardcoded values
## [0.5.3] - 2026-01-26
### Added
- Variable licensed product type (`licensed-variable`) for selling licenses with different durations
- Support for monthly, yearly, quarterly, or lifetime license variations
- `LicensedVariableProduct` class extending `WC_Product_Variable`
- `LicensedProductVariation` class for individual variation license settings
- Variation-specific license duration settings in product edit page
- Duration labels displayed in checkout domain fields (e.g., "Yearly License")
- Variation ID tracking in order domain meta for proper license generation
### Changed
- Updated `LicenseManager::generateLicense()` to accept optional variation ID
- Checkout now handles variations with separate domain fields per product/variation
- WooCommerce Blocks checkout updated to display variation duration labels
- Store API extension updated to include variation_id in domain data schema
## [0.5.2] - 2026-01-26
### Added

371
CLAUDE.md
View File

@@ -32,10 +32,6 @@ This project is proudly **"vibe-coded"** using Claude.AI - the entire codebase w
**Note for AI Assistants:** Clean this section after the specific features are done or new releases are made. Effective changes are tracked in `CHANGELOG.md`. Do not add completed versions here - document them in the Session History section at the end of this file.
### Version 0.5.2
*No planned bugfixes yet.*
### Version 0.6.0
*No planned features yet.*
@@ -1293,3 +1289,370 @@ Bug fix release improving admin UI usability for version management and license
- Created release package: `releases/wc-licensed-product-0.5.1.zip` (863 KB)
- SHA256: `a489f0b8cfcd7d5d9b2021b7ff581b9f1a56468dfde87bbb06bb4555d11f7556`
- Tagged as `v0.5.1` and pushed to `main` branch
### 2026-01-26 - Version 0.5.2 - Per-License Customer Secrets
**Overview:**
Security enhancement release adding per-license customer secrets for API response verification. Each customer now receives a unique secret derived from their license key, eliminating the need to share a global server secret.
**Implemented:**
- Per-license secret derivation using HKDF-like approach
- Customer account UI showing API verification secret with collapsible section
- Copy-to-clipboard functionality for customer secrets
- Static helper methods in ResponseSigner for secret derivation
**New methods in ResponseSigner:**
- `deriveCustomerSecret()` - Static method to derive customer secret from license key and server secret
- `getCustomerSecretForLicense()` - Static method to get customer secret using configured server secret
- `isSigningEnabled()` - Static method to check if response signing is configured
**Modified files:**
- `src/Api/ResponseSigner.php` - Added static methods for customer secret derivation
- `src/Frontend/AccountController.php` - Added `signing_enabled` and `customer_secret` to template data
- `templates/frontend/licenses.html.twig` - Added collapsible secret section with toggle and copy button
- `assets/css/frontend.css` - Added styles for `.license-row-secret`, `.secret-toggle`, `.secret-content`
- `assets/js/frontend.js` - Added `toggleSecret()` and `copySecret()` event handlers
- `docs/server-implementation.md` - Added documentation for per-license secrets
**Technical notes:**
- Secret derivation uses HKDF-like approach: `HMAC-SHA256(HMAC-SHA256(license_key, server_secret) + "\x01", server_secret)`
- Each license gets a unique 64-character hex secret
- Secrets are only shown when `WC_LICENSE_SERVER_SECRET` is configured
- Collapsible UI prevents accidental secret exposure
- If server secret is rotated, all customer secrets change automatically
**Security improvement:**
- Customers no longer need access to the master `WC_LICENSE_SERVER_SECRET`
- If one customer's secret is leaked, other customers are not affected
- Each license key derives its own unique verification secret
**Release v0.5.2:**
- Created release package: `releases/wc-licensed-product-0.5.2.zip` (845 KB)
- SHA256: `2d61a78ac5ba0f1d115a6401e6dded5b872b18f5530027c371604cbd18e9e27c`
- Tagged as `v0.5.2` and pushed to `main` branch
### 2026-01-26 - Version 0.5.3 - Variable Licensed Products
**Overview:**
Major feature release adding support for WooCommerce variable products. Customers can now purchase licenses with different durations (monthly, yearly, lifetime) as product variations.
**New files:**
- `src/Product/LicensedVariableProduct.php` - Variable product class extending `WC_Product_Variable`
- `src/Product/LicensedProductVariation.php` - Variation class with license settings
**Implemented:**
- New `licensed-variable` product type for selling licenses with different durations
- `LicensedVariableProduct` class extending WooCommerce variable products
- `LicensedProductVariation` class for individual variation license settings
- Variation-specific license duration fields in product edit page (days, max activations)
- Duration labels (Monthly, Quarterly, Yearly, Lifetime) displayed in checkout
- Variation ID tracking in order domain meta for proper license generation
- WooCommerce Blocks checkout updated to handle variations with duration labels
**Modified files:**
- `src/Product/LicensedProductType.php` - Added licensed-variable type registration, variation hooks
- `src/License/LicenseManager.php` - Added `isLicensedProduct()` helper, variation support in `generateLicense()`
- `src/Plugin.php` - Updated license generation to handle variations
- `src/Checkout/CheckoutController.php` - Variation support in domain field rendering
- `src/Checkout/CheckoutBlocksIntegration.php` - Variation data in blocks checkout
- `src/Checkout/StoreApiExtension.php` - Variation ID in Store API schema
- `assets/js/checkout-blocks.js` - Variation handling in React components and DOM fallback
**Technical notes:**
- Variable product type shows in WooCommerce product type selector as "Licensed Variable Product"
- Each variation can override parent's license duration and max activations
- Variations are always virtual (licensed products don't ship)
- `LicensedProductVariation::get_license_duration_label()` returns human-readable duration
- Order meta `_licensed_product_domains` now includes optional `variation_id` field
- License generation uses variation settings when `variation_id` is present in order item
- Backward compatible: existing simple licensed products continue to work unchanged
### 2026-01-26 - Version 0.5.4 - API Compliance
**Overview:**
Bug fix release aligning server implementation with client documentation at `magdev/wc-licensed-product-client`.
**Fixed:**
- `/validate` endpoint now returns HTTP 404 for `license_not_found` error (was returning 403)
- License key validation now enforces minimum 8 characters across all API endpoints
**Implemented:**
- Configurable rate limiting via `WC_LICENSE_RATE_LIMIT` constant (default: 30 requests)
- Configurable rate window via `WC_LICENSE_RATE_WINDOW` constant (default: 60 seconds)
- HTTP status code mapping: 404 for not found, 500 for server errors, 403 for all other errors
**Modified files:**
- `src/Api/RestApiController.php` - Added configurable rate limiting, fixed HTTP status codes, added license_key validation
**Technical notes:**
- Rate limiting now uses `getRateLimit()` and `getRateWindow()` methods instead of constants
- New `getStatusCodeForResult()` method maps error codes to HTTP status codes
- License key validation callback added to all three endpoints (validate, status, activate)
- Uses PHP 8 match expression for status code mapping
### 2026-01-26 - Version 0.5.5 - Critical Signature Fix
**Overview:**
Critical bug fix for response signing. The key derivation algorithm was incompatible with the client library, causing signature verification failures.
**Critical Fix:**
- Key derivation now uses PHP's native `hash_hkdf()` function per RFC 5869
- Previous custom implementation produced different keys than the client library
- Signatures now verify correctly with `magdev/wc-licensed-product-client`
**Additional Fix:**
- Added missing domain validation to `/activate` endpoint (1-255 characters)
**Modified files:**
- `src/Api/ResponseSigner.php` - Fixed key derivation to use `hash_hkdf()`
- `src/Api/RestApiController.php` - Added domain validation to `/activate` endpoint
**Technical notes:**
- Old implementation: `hash_hmac('sha256', $prk . "\x01", $serverSecret)` - custom HKDF-like
- New implementation: `bin2hex(hash_hkdf('sha256', $serverSecret, 32, $licenseKey))` - RFC 5869
- Parameters match client's `ResponseSignature::deriveKey()` exactly:
- IKM (input keying material): server_secret
- Length: 32 bytes (256 bits)
- Info: license_key (context-specific info)
- **Breaking change for existing signatures** - customer secrets will change after upgrade
### 2026-01-27 - Version 0.5.6 - License Settings Tab Visibility Fix
**Overview:**
Fixed License Settings tab visibility for non-licensed product types and updated README with v0.5.x features.
**Bug Fix:**
- License Settings tab now only shows for Licensed Product and Licensed Variable Product types
- Previously the tab was visible on all product types due to CSS `!important` override forcing `display: block`
**Modified files:**
- `assets/css/admin.css` - Changed from `display: block !important` to `display: none` for `.show_if_licensed` and `.show_if_licensed-variable`
- `src/Product/LicensedProductType.php` - Added consolidated `toggleLicensedProductOptions()` JavaScript function
- `README.md` - Updated with complete feature documentation for v0.5.x features
**Technical notes:**
- CSS now hides License Settings tab by default
- JavaScript `toggleLicensedProductOptions()` function shows/hides tab based on product type selector
- Function is called both on page load and on product type change
- README updated with: Variable Licensed Products, Multi-Domain Licensing, Per-License Secrets, Download Statistics, Configurable Rate Limiting
**Release v0.5.6:**
- Created release package: `releases/wc-licensed-product-0.5.6.zip` (1.1 MB)
- SHA256: `4d35a319fe4cb4e7055bae17fc030487ca05e5e9ac905f76d0ac62002bde4336`
- Tagged as `v0.5.6` and pushed to `main` branch
### 2026-01-27 - Version 0.5.7 - Settings UI Cleanup
**Overview:**
Removed redundant "Default" prefix from setting labels on the Default Settings page for cleaner UI.
**Changed:**
- "Max Activations" (was "Default Max Activations")
- "License Validity (Days)" (was "Default License Validity (Days)")
- "Bind to Major Version" (was "Default Bind to Major Version")
**Modified files:**
- `src/Admin/SettingsController.php` - Removed "Default" prefix from three setting labels
**Technical notes:**
- Labels are cleaner since the page section itself is already named "Default Settings"
- No functional changes, purely UI improvement
- Updated all translations (388 strings)
**Release v0.5.7:**
- Created release package: `releases/wc-licensed-product-0.5.7.zip` (856 KB)
- SHA256: `ceb4d57598f576f4f172153ff80df8c180ecd4dca873cf109327fc5ac718930f`
- Tagged as `v0.5.7` and pushed to `main` branch
### 2026-01-27 - Version 0.5.8-0.5.11 - Licensed Variable Product Fixes
**Overview:**
Series of bug fixes for licensed variable products that were showing frontend errors and not displaying properly.
**v0.5.8 - Initial Fix:**
- Fixed critical error on frontend product pages for licensed variable products
- Variable product add-to-cart template now passes required variables (`available_variations`, `attributes`, `selected_attributes`)
- Added JavaScript event listeners for WooCommerce AJAX events to maintain admin variants tab visibility
**v0.5.9 - Null Checks:**
- Added null checks for `get_variation_attributes()`, `get_available_variations()`, and `get_default_attributes()`
- Show informative message instead of error when product has no variations configured
- Changed product type check from `instanceof` to `is_type()` for better compatibility
**v0.5.10 - Product Loading:**
- Re-load product via `wc_get_product()` to ensure correct class instance is used
- Removed overly strict type check that was preventing variations from displaying
**v0.5.11 - Final Fix:**
- **CRITICAL:** Fixed "sold out" message on licensed variable products
- `LicensedVariableProduct::is_purchasable()` now delegates to parent `WC_Product_Variable` class (variable products don't have direct prices - only variations do)
- Fixed `getProductClass()` filter to accept all 4 WooCommerce parameters and use product_id for reliable variation parent detection
- Added fallback to global `$post` when product_id not available
**Modified files:**
- `src/Product/LicensedProductType.php` - Fixed `variableAddToCartTemplate()` and `getProductClass()` methods
- `src/Product/LicensedVariableProduct.php` - Fixed `is_purchasable()` method
- `wc-licensed-product.php` - Version bumps
**Technical notes:**
- WooCommerce `woocommerce_product_class` filter has 4 parameters: `$className`, `$productType`, `$postType`, `$productId`
- Variable products delegate purchasability to their variations - checking `get_price()` on parent is incorrect
- Variation parent detection must use product ID, not global `$post` which may not be set on frontend
**Release v0.5.11:**
- Created release package: `releases/wc-licensed-product-0.5.11.zip` (857 KB)
- SHA256: `32571178bfa8f0d0a03ed05b498d5f9b3c860104393a96732e86a03b6de298d2`
- Committed to `dev` branch
### 2026-01-27 - Version 0.5.12 - Stock Display Fix
**Overview:**
Fixed stock indicator appearing in cart for licensed variable product variations.
**Bug Fix:**
- Fixed "1 in stock" message appearing in cart for licensed variable product variations
- Added multiple WooCommerce filter overrides to suppress stock display
**Modified files:**
- `src/Product/LicensedVariableProduct.php` - Override `get_children()`, `get_variation_attributes()`, `get_variation_prices()`, `get_available_variations()`, `is_type()`
- `src/Product/LicensedProductVariation.php` - Added `get_availability()`, `managing_stock()`, `is_purchasable()` overrides
- `src/Product/LicensedProductType.php` - Added stock-related filter hooks
**Technical notes:**
- `get_children()` uses direct SQL query to bypass WooCommerce's `is_type('variable')` check
- `is_type()` override returns true for both 'licensed-variable' and 'variable' type checks
- Stock filters: `woocommerce_get_availability_text`, `woocommerce_product_get_stock_quantity`, `woocommerce_product_variation_get_stock_quantity`
### 2026-01-27 - Version 0.5.13 - Admin Order License Display Fix
**Overview:**
Fixed licenses not showing in admin order form for licensed-variable products and removed debug logging.
**Bug Fixes:**
- **CRITICAL:** Fixed licenses not appearing in admin order form for orders containing licensed-variable products
- `OrderLicenseController` now uses `LicenseManager::isLicensedProduct()` for consistent product type detection across 4 locations
- Fixed expected licenses calculation for variable product orders
- Fixed manual license generation from admin order page for variable products
**Cleanup:**
- Removed all debug `error_log()` calls from PHP source files
- Removed all debug `console.log()` calls from JavaScript files
- Files cleaned: Plugin.php, CheckoutBlocksIntegration.php, StoreApiExtension.php, CheckoutController.php, checkout-blocks.js
**Modified files:**
- `src/Admin/OrderLicenseController.php` - Use `isLicensedProduct()` in 4 locations
- `src/Plugin.php` - Remove debug logging
- `src/Checkout/CheckoutBlocksIntegration.php` - Remove debug logging
- `src/Checkout/StoreApiExtension.php` - Remove debug logging
- `src/Checkout/CheckoutController.php` - Remove debug logging
- `assets/js/checkout-blocks.js` - Remove debug logging
**Release v0.5.13:**
- Created release package: `releases/wc-licensed-product-0.5.13.zip` (1.0 MB)
- SHA256: `814710ad899529d0015494e4b332eace7d8e55aeda381fdf61f99274c0bf910c`
- Committed to `dev` branch
### 2026-01-27 - Version 0.5.14 - Product Versions Meta Box Fix
**Overview:**
Fixed Product Versions meta box not appearing for licensed-variable products in admin.
**Bug Fixes:**
- Product Versions meta box now always added to product pages, visibility controlled via CSS/JavaScript
- Added `Installer::registerProductTypes()` to create product type terms in the `product_type` taxonomy
- Product type terms are now ensured to exist on `woocommerce_init` hook for existing installations
**Modified files:**
- `src/Admin/VersionAdminController.php` - Simplified `addVersionsMetaBox()` to always add meta box
- `src/Installer.php` - Added `registerProductTypes()` method
- `src/Product/LicensedProductType.php` - Added `ensureProductTypeTermsExist()` hook
**Technical notes:**
- WooCommerce's `WC_Product_Factory::get_product_type()` requires product type terms to exist in the `product_type` taxonomy
- Meta box visibility is controlled via JavaScript based on selected product type
- Taxonomy terms are registered on `woocommerce_init` hook to ensure WooCommerce is fully loaded
### 2026-01-27 - Version 0.5.15 - Tab Rendering Fix
**Overview:**
Fixed tab rendering bug in WooCommerce product edit page when switching to licensed or licensed-variable product types.
**Bug Fixes:**
- Fixed tab rendering issue where License Settings and Variations tabs appeared shifted/overlapping
- Simplified JavaScript to avoid conflicts with WooCommerce's native show/hide logic
- Removed conflicting CSS rule for `.hide_if_licensed` that was causing layout issues
- License Settings tab now uses CSS class toggle (`.wclp-active`) instead of jQuery `.show()/.hide()`
- Variations tab properly shows for licensed-variable products via `woocommerce_product_data_tabs` filter
**Modified files:**
- `src/Product/LicensedProductType.php` - Simplified `toggleOurElements()` JavaScript function, added `show_if_licensed-variable` class to variations tab
- `assets/css/admin.css` - Removed `.hide_if_licensed` rule, updated tab visibility CSS to target `li.licensed_product_options`
**Technical notes:**
- jQuery's `.show()` sets `display: block` which can break `<li>` element layouts in tab lists
- Using CSS class toggle (`addClass/removeClass`) preserves proper display values
- WooCommerce product data tabs use class pattern `{tab_key}_options` (e.g., `licensed_product_options`)
- The `woocommerce_product_data_tabs` filter allows adding classes to existing tabs like variations
**Release v0.5.15:**
- Created release package: `releases/wc-licensed-product-0.5.15.zip` (862 KB)
- SHA256: `47407de49bae4c649644af64e87b44b32fb30eeb2d50890ff8c4bbb741059278`
- Committed to `dev` branch

46
README.md
View File

@@ -11,29 +11,34 @@ WC Licensed Product adds a new product type "Licensed Product" to WooCommerce, e
### Core Features
- **Licensed Product Type**: New WooCommerce product type for software sales
- **Variable Licensed Products**: Create product variations with different license durations (monthly, yearly, lifetime)
- **Automatic License Generation**: License keys generated on order completion (format: XXXX-XXXX-XXXX-XXXX)
- **Domain Binding**: Licenses are bound to customer-specified domains
- **Multi-Domain Licensing**: Customers can purchase multiple licenses for different domains in a single order
- **REST API**: Public endpoints for license validation and management
- **Response Signing**: Optional HMAC-SHA256 cryptographic signatures for API responses
- **Per-License Secrets**: Each customer receives a unique verification secret for their license
- **Version Binding**: Optional binding to major software versions
- **Expiration Support**: Set license validity periods or lifetime licenses
- **Rate Limiting**: API endpoints protected with rate limiting (30 requests/minute)
- **Rate Limiting**: API endpoints protected with configurable rate limiting (default: 30 requests/minute)
- **Trusted Proxy Support**: Configurable trusted proxies for accurate rate limiting behind CDNs
- **Checkout Blocks**: Full support for WooCommerce Checkout Blocks (default since WC 8.3+)
- **Self-Licensing**: The plugin can validate its own license (for commercial distribution)
### Customer Features
- **My Account Licenses**: Customers can view their licenses in My Account
- **My Account Licenses**: Customers can view their licenses in My Account (grouped by product)
- **License Transfers**: Customers can transfer licenses to new domains
- **Secure Downloads**: Download purchased software versions with license verification
- **Version History**: Access to older versions with collapsible download section
- **Copy to Clipboard**: Easy license key copying
- **API Verification Secret**: Per-license secret displayed for secure API integration
### Admin Features
- **License Management**: Full CRUD interface for license management
- **License Dashboard**: Statistics and analytics (WooCommerce > Reports > Licenses)
- **Dashboard Widget**: License statistics on WordPress admin dashboard
- **Dashboard Widgets**: License statistics and download statistics on WordPress admin dashboard
- **Search & Filtering**: Search by license key, domain, status, or product
- **Live Search**: AJAX-powered instant search results
- **Inline Editing**: Edit license status, expiry, and domain directly in the list
@@ -41,10 +46,12 @@ WC Licensed Product adds a new product type "Licensed Product" to WooCommerce, e
- **License Transfer**: Transfer licenses to new domains
- **CSV Export/Import**: Export and import licenses via CSV
- **Order Integration**: View and manage licenses directly from order pages
- **Generate Licenses**: Manually generate licenses for admin-created orders
- **Expiration Warnings**: Automatic email notifications before license expiration
- **Auto-Expire**: Daily cron job automatically expires licenses past their expiration date
- **License Testing**: Test licenses against the API directly from admin interface
- **Version Management**: Manage multiple versions per product with file attachments
- **Download Tracking**: Track download counts per version with statistics widget
- **SHA256 Checksums**: File integrity verification with SHA256 hash display
- **Global Settings**: Default license settings via WooCommerce settings tab
- **WooCommerce HPOS**: Compatible with High-Performance Order Storage
@@ -66,13 +73,27 @@ WC Licensed Product adds a new product type "Licensed Product" to WooCommerce, e
### Creating a Licensed Product
1. Go to Products > Add New
2. Select "Licensed Product" from the product type dropdown
2. Select "Licensed Product" from the product type dropdown (or "Licensed Variable Product" for different license durations)
3. Configure the product price in the General tab
4. Set license options in the "License Settings" tab:
- **Max Activations**: Number of domains allowed per license
- **License Validity**: Days until expiration (empty = lifetime)
- **Bind to Major Version**: Lock license to current major version
### Creating Variable Licensed Products
For selling licenses with different durations (monthly, yearly, lifetime):
1. Go to Products > Add New
2. Select "Licensed Variable Product" from the product type dropdown
3. Create variations as you would for any variable product (e.g., by "License Duration")
4. For each variation, set:
- **Variation Price**: Different prices for different durations
- **License Duration (Days)**: Days until expiration (0 = lifetime)
- **Max Activations**: Override parent product setting if needed
Duration labels (Monthly, Yearly, Lifetime) are automatically displayed at checkout.
### Managing Product Versions
1. Edit a Licensed Product
@@ -84,7 +105,8 @@ WC Licensed Product adds a new product type "Licensed Product" to WooCommerce, e
1. Go to WooCommerce > Settings > Licensed Products
2. Set default values for Max Activations, License Validity, and Version Binding
3. Per-product settings override these defaults
3. Enable Multi-Domain Licensing to allow multiple licenses per cart item
4. Per-product settings override these defaults
### Customer Checkout
@@ -144,6 +166,18 @@ define('WC_LICENSE_TRUSTED_PROXIES', 'CLOUDFLARE,10.0.0.1');
**Note**: Only configure trusted proxies if you actually use them. Without this configuration, rate limiting is more secure against IP spoofing attacks.
### Configurable Rate Limiting
The default rate limit is 30 requests per 60 seconds. You can customize this:
```php
// Requests allowed per window (default: 30)
define('WC_LICENSE_RATE_LIMIT', 60);
// Window duration in seconds (default: 60)
define('WC_LICENSE_RATE_WINDOW', 120);
```
## REST API
Full API documentation available in `openapi.json` (OpenAPI 3.1 specification).
@@ -173,6 +207,8 @@ openssl rand -hex 32
The signature prevents man-in-the-middle attacks and ensures response integrity. Use the `magdev/wc-licensed-product-client` Composer package with the `SecureLicenseClient` class to automatically verify signatures.
**Per-License Customer Secrets**: Each customer receives a unique verification secret derived from their license key. This secret is displayed in their account page under "API Verification Secret" and can be used with the client library instead of sharing the master server secret.
### Client Libraries & Examples
**PHP (Recommended):** Install the official client library via Composer:

16
assets/css/admin.css
View File

@@ -50,15 +50,21 @@ code.file-hash {
color: #666;
}
/* License Product Tab */
#woocommerce-product-data .show_if_licensed {
display: block !important;
/* License Settings Tab - Hidden by default, shown via JS based on product type */
/* WooCommerce creates tab with class: {tab_key}_options (licensed_product_options) */
#woocommerce-product-data ul.wc-tabs li.licensed_product_options {
display: none;
}
#woocommerce-product-data .hide_if_licensed {
display: none !important;
/* When shown, restore proper display for tab list items */
#woocommerce-product-data ul.wc-tabs li.licensed_product_options.wclp-active {
display: block;
}
/* Variations tab visibility for licensed-variable is handled by WooCommerce */
/* We add show_if_licensed-variable class to the variations tab via PHP filter */
/* Action Buttons */
.wp-list-table .button-link-delete {
color: #a00;

271
assets/js/checkout-blocks.js
View File

@@ -18,12 +18,25 @@
}
const { getSetting } = wc.wcSettings;
const { createElement, useState } = wp.element;
const { createElement, useState, useEffect, useCallback } = wp.element;
const { TextControl } = wp.components;
const { __ } = wp.i18n;
// Get available exports from blocksCheckout
const { ExperimentalOrderMeta } = wc.blocksCheckout;
const { ExperimentalOrderMeta, extensionCartUpdate } = wc.blocksCheckout;
// Debounce function for API updates
function debounce(func, wait) {
let timeout;
return function executedFunction(...args) {
const later = () => {
clearTimeout(timeout);
func(...args);
};
clearTimeout(timeout);
timeout = setTimeout(later, wait);
};
}
// Get settings from PHP
const settings = getSetting('wc-licensed-product_data', {});
@@ -59,6 +72,23 @@
const [domain, setDomain] = useState('');
const [error, setError] = useState('');
// Debounced API update function
const updateStoreApi = useCallback(
debounce((normalizedDomain) => {
if (extensionCartUpdate) {
extensionCartUpdate({
namespace: 'wc-licensed-product',
data: {
licensed_product_domain: normalizedDomain,
},
}).catch(err => {
console.error('[WCLP] Store API update error:', err);
});
}
}, 500),
[]
);
const handleChange = (value) => {
const normalized = normalizeDomain(value);
setDomain(normalized);
@@ -67,9 +97,11 @@
setError(settings.validationError || __('Please enter a valid domain.', 'wc-licensed-product'));
} else {
setError('');
// Update Store API when valid
updateStoreApi(normalized);
}
// Store in hidden input for form submission
// Store in hidden input for form submission (fallback)
const hiddenInput = document.getElementById('wclp-domain-hidden');
if (hiddenInput) {
hiddenInput.value = normalized;
@@ -110,6 +142,16 @@
);
};
/**
* Get unique key for product (handles variations)
*/
function getProductKey(product) {
if (product.variation_id && product.variation_id > 0) {
return `${product.product_id}_${product.variation_id}`;
}
return String(product.product_id);
}
/**
* Multi-Domain Component
*/
@@ -118,26 +160,44 @@
const [domains, setDomains] = useState(() => {
const init = {};
products.forEach(p => {
init[p.product_id] = Array(p.quantity).fill('');
const key = getProductKey(p);
init[key] = Array(p.quantity).fill('');
});
return init;
});
const [errors, setErrors] = useState({});
// Debounced API update function
const updateStoreApi = useCallback(
debounce((domainsData) => {
if (extensionCartUpdate) {
extensionCartUpdate({
namespace: 'wc-licensed-product',
data: {
licensed_product_domains: domainsData,
},
}).catch(err => {
console.error('[WCLP] Store API update error:', err);
});
}
}, 500),
[]
);
if (!products.length) {
return null;
}
const handleChange = (productId, index, value) => {
const handleChange = (productKey, index, value) => {
const normalized = normalizeDomain(value);
const newDomains = { ...domains };
if (!newDomains[productId]) newDomains[productId] = [];
newDomains[productId] = [...newDomains[productId]];
newDomains[productId][index] = normalized;
if (!newDomains[productKey]) newDomains[productKey] = [];
newDomains[productKey] = [...newDomains[productKey]];
newDomains[productKey][index] = normalized;
setDomains(newDomains);
// Validate
const key = `${productId}_${index}`;
const key = `${productKey}_${index}`;
const newErrors = { ...errors };
if (normalized && !isValidDomain(normalized)) {
newErrors[key] = settings.validationError || __('Please enter a valid domain.', 'wc-licensed-product');
@@ -145,14 +205,14 @@
delete newErrors[key];
}
// Check for duplicates within same product
const productDomains = newDomains[productId].filter(d => d);
// Check for duplicates within same product/variation
const productDomains = newDomains[productKey].filter(d => d);
const uniqueDomains = new Set(productDomains.map(d => normalizeDomain(d)));
if (productDomains.length !== uniqueDomains.size) {
const seen = new Set();
newDomains[productId].forEach((d, idx) => {
newDomains[productKey].forEach((d, idx) => {
const normalizedD = normalizeDomain(d);
const dupKey = `${productId}_${idx}`;
const dupKey = `${productKey}_${idx}`;
if (normalizedD && seen.has(normalizedD)) {
newErrors[dupKey] = settings.duplicateError || __('Each license requires a unique domain.', 'wc-licensed-product');
} else if (normalizedD) {
@@ -163,12 +223,24 @@
setErrors(newErrors);
// Update hidden field
const data = Object.entries(newDomains).map(([pid, doms]) => ({
product_id: parseInt(pid, 10),
domains: doms.filter(d => d),
})).filter(item => item.domains.length > 0);
// Build domain data for Store API
const data = products.map(p => {
const pKey = getProductKey(p);
const doms = newDomains[pKey] || [];
const entry = {
product_id: p.product_id,
domains: doms.filter(d => d),
};
if (p.variation_id && p.variation_id > 0) {
entry.variation_id = p.variation_id;
}
return entry;
}).filter(item => item.domains.length > 0);
// Update Store API
updateStoreApi(data);
// Update hidden field (fallback)
const hiddenInput = document.getElementById('wclp-domains-hidden');
if (hiddenInput) {
hiddenInput.value = JSON.stringify(data);
@@ -192,35 +264,43 @@
createElement('p', { style: { marginBottom: '12px', color: '#666', fontSize: '0.9em' } },
settings.fieldDescription || __('Enter a unique domain for each license.', 'wc-licensed-product')
),
products.map(product => createElement(
'div',
{
key: product.product_id,
style: {
marginBottom: '16px',
padding: '12px',
backgroundColor: '#fff',
borderRadius: '4px',
}
},
createElement('strong', { style: { display: 'block', marginBottom: '8px' } },
product.name + (product.quantity > 1 ? ` (×${product.quantity})` : '')
),
Array.from({ length: product.quantity }, (_, i) => {
const key = `${product.product_id}_${i}`;
return createElement(
'div',
{ key: i, style: { marginBottom: '8px' } },
createElement(TextControl, {
label: (settings.licenseLabel || __('License %d:', 'wc-licensed-product')).replace('%d', i + 1),
value: domains[product.product_id]?.[i] || '',
onChange: (val) => handleChange(product.product_id, i, val),
placeholder: settings.fieldPlaceholder || 'example.com',
help: errors[key] || '',
})
);
})
)),
products.map(product => {
const productKey = getProductKey(product);
const durationLabel = product.duration_label || '';
const displayName = durationLabel
? `${product.name} (${durationLabel})`
: product.name;
return createElement(
'div',
{
key: productKey,
style: {
marginBottom: '16px',
padding: '12px',
backgroundColor: '#fff',
borderRadius: '4px',
}
},
createElement('strong', { style: { display: 'block', marginBottom: '8px' } },
displayName + (product.quantity > 1 ? ` ×${product.quantity}` : '')
),
Array.from({ length: product.quantity }, (_, i) => {
const key = `${productKey}_${i}`;
return createElement(
'div',
{ key: i, style: { marginBottom: '8px' } },
createElement(TextControl, {
label: (settings.licenseLabel || __('License %d:', 'wc-licensed-product')).replace('%d', i + 1),
value: domains[productKey]?.[i] || '',
onChange: (val) => handleChange(productKey, i, val),
placeholder: settings.fieldPlaceholder || 'example.com',
help: errors[key] || '',
})
);
})
);
}),
createElement('input', {
type: 'hidden',
id: 'wclp-domains-hidden',
@@ -246,11 +326,13 @@
if (registerPlugin) {
registerPlugin('wc-licensed-product-domain-fields', {
render: () => createElement(
ExperimentalOrderMeta,
{},
createElement(LicenseDomainsBlock)
),
render: () => {
return createElement(
ExperimentalOrderMeta,
{},
createElement(LicenseDomainsBlock)
);
},
scope: 'woocommerce-checkout',
});
}
@@ -291,10 +373,19 @@
<p style="margin-bottom: 12px; color: #666; font-size: 0.9em;">
${settings.fieldDescription || 'Enter a unique domain for each license.'}
</p>
${settings.licensedProducts.map(product => `
${settings.licensedProducts.map(product => {
const productKey = product.variation_id && product.variation_id > 0
? `${product.product_id}_${product.variation_id}`
: product.product_id;
const durationLabel = product.duration_label || '';
const displayName = durationLabel
? `${product.name} (${durationLabel})`
: product.name;
return `
<div style="margin-bottom: 16px; padding: 12px; background: #fff; border-radius: 4px;">
<strong style="display: block; margin-bottom: 8px;">
${product.name}${product.quantity > 1 ? ` (×${product.quantity})` : ''}
${displayName}${product.quantity > 1 ? ` ×${product.quantity}` : ''}
</strong>
${Array.from({ length: product.quantity }, (_, i) => `
<div style="margin-bottom: 8px;">
@@ -302,14 +393,20 @@
${(settings.licenseLabel || 'License %d:').replace('%d', i + 1)}
</label>
<input type="text"
name="licensed_domains[${product.product_id}][${i}]"
name="licensed_domains[${productKey}][${i}]"
placeholder="${settings.fieldPlaceholder || 'example.com'}"
style="width: 100%; padding: 8px; border: 1px solid #ccc; border-radius: 4px;"
/>
${product.variation_id && product.variation_id > 0 ? `
<input type="hidden"
name="licensed_variation_ids[${productKey}]"
value="${product.variation_id}"
/>
` : ''}
</div>
`).join('')}
</div>
`).join('')}
`}).join('')}
`;
} else {
container.innerHTML = `
@@ -337,6 +434,68 @@
} else {
insertionPoint.appendChild(container);
}
// Add event listeners to sync with Store API
const debouncedUpdate = debounce(function() {
if (!extensionCartUpdate) {
return;
}
if (settings.isMultiDomainEnabled && settings.licensedProducts) {
// Collect multi-domain data
const domainsData = settings.licensedProducts.map(function(product) {
const productKey = product.variation_id && product.variation_id > 0
? product.product_id + '_' + product.variation_id
: String(product.product_id);
const domains = [];
for (let i = 0; i < product.quantity; i++) {
const input = container.querySelector('input[name="licensed_domains[' + productKey + '][' + i + ']"]');
if (input && input.value.trim()) {
domains.push(normalizeDomain(input.value));
}
}
const entry = {
product_id: product.product_id,
domains: domains,
};
if (product.variation_id && product.variation_id > 0) {
entry.variation_id = product.variation_id;
}
return entry;
}).filter(function(item) { return item.domains.length > 0; });
extensionCartUpdate({
namespace: 'wc-licensed-product',
data: {
licensed_product_domains: domainsData,
},
}).catch(function(err) {
console.error('[WCLP] Store API update error:', err);
});
} else {
// Single domain
const input = container.querySelector('input[name="licensed_product_domain"]');
if (input) {
const domain = normalizeDomain(input.value);
extensionCartUpdate({
namespace: 'wc-licensed-product',
data: {
licensed_product_domain: domain,
},
}).catch(function(err) {
console.error('[WCLP] Store API update error:', err);
});
}
}
}, 500);
// Attach event listeners to all domain inputs
container.querySelectorAll('input[type="text"]').forEach(function(input) {
input.addEventListener('input', debouncedUpdate);
input.addEventListener('change', debouncedUpdate);
});
}, 2000);
})();

4
composer.lock generated
View File

@@ -12,7 +12,7 @@
"source": {
"type": "git",
"url": "https://src.bundespruefstelle.ch/magdev/wc-licensed-product-client.git",
"reference": "64d215cb265a64ff318cfbb954dd128b0076dc1d"
"reference": "5e4b5a970f75d0163c5496581d963a24ade4f276"
},
"require": {
"php": "^8.3",
@@ -52,7 +52,7 @@
"issues": "https://src.bundespruefstelle.ch/magdev/wc-licensed-product-client/issues",
"source": "https://src.bundespruefstelle.ch/magdev/wc-licensed-product-client"
},
"time": "2026-01-24T13:32:11+00:00"
"time": "2026-01-26T15:54:37+00:00"
},
{
"name": "psr/cache",

BIN
languages/wc-licensed-product-de_CH.mo
View File

Binary file not shown.

1251
languages/wc-licensed-product-de_CH.po
View File

File diff suppressed because it is too large Load Diff

1138
languages/wc-licensed-product.pot
View File

File diff suppressed because it is too large Load Diff

272
openapi.json
View File

@@ -3,7 +3,7 @@
"info": {
"title": "WooCommerce Licensed Product API",
"description": "REST API for validating and managing software licenses bound to domains. This API allows external applications to validate license keys, check license status, and activate licenses on specific domains.\n\n## Response Signing (Optional)\n\nWhen the server is configured with `WC_LICENSE_SERVER_SECRET`, all API responses include cryptographic signatures for tamper protection:\n\n- `X-License-Signature`: HMAC-SHA256 signature of the response\n- `X-License-Timestamp`: Unix timestamp when the response was generated\n\nSignature verification prevents man-in-the-middle attacks and ensures response integrity. Use the `magdev/wc-licensed-product-client` library's `SecureLicenseClient` class to automatically verify signatures.",
"version": "0.3.2",
"version": "0.6.0",
"contact": {
"name": "Marco Graetsch",
"url": "https://src.bundespruefstelle.ch/magdev",
@@ -332,6 +332,148 @@
}
}
}
},
"/update-check": {
"post": {
"operationId": "checkForUpdates",
"summary": "Check for plugin updates",
"description": "Checks if a newer version of the licensed product is available. Returns WordPress-compatible update information that can be used to integrate with WordPress's native plugin update system.",
"tags": ["Plugin Updates"],
"requestBody": {
"required": true,
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/UpdateCheckRequest"
},
"example": {
"license_key": "ABCD-1234-EFGH-5678",
"domain": "example.com",
"plugin_slug": "my-licensed-plugin",
"current_version": "1.0.0"
}
},
"application/x-www-form-urlencoded": {
"schema": {
"$ref": "#/components/schemas/UpdateCheckRequest"
}
}
}
},
"responses": {
"200": {
"description": "Update check completed successfully",
"headers": {
"X-License-Signature": {
"$ref": "#/components/headers/X-License-Signature"
},
"X-License-Timestamp": {
"$ref": "#/components/headers/X-License-Timestamp"
}
},
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/UpdateCheckResponse"
},
"examples": {
"update_available": {
"summary": "Update is available",
"value": {
"success": true,
"update_available": true,
"version": "1.2.0",
"slug": "my-licensed-plugin",
"plugin": "my-licensed-plugin/my-licensed-plugin.php",
"download_url": "https://example.com/license-download/123-456-abc123",
"package": "https://example.com/license-download/123-456-abc123",
"last_updated": "2026-01-27",
"tested": "6.7",
"requires": "6.0",
"requires_php": "8.3",
"changelog": "## 1.2.0\n- New feature added\n- Bug fixes",
"package_hash": "sha256:abc123def456...",
"name": "My Licensed Plugin",
"homepage": "https://example.com/product/my-plugin"
}
},
"no_update": {
"summary": "No update available",
"value": {
"success": true,
"update_available": false,
"version": "1.0.0"
}
}
}
}
}
},
"403": {
"description": "License validation failed",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/ErrorResponse"
},
"examples": {
"license_invalid": {
"summary": "License is not valid",
"value": {
"success": false,
"update_available": false,
"error": "license_invalid",
"message": "License validation failed."
}
},
"domain_mismatch": {
"summary": "Domain mismatch",
"value": {
"success": false,
"update_available": false,
"error": "domain_mismatch",
"message": "This license is not valid for this domain."
}
}
}
}
}
},
"404": {
"description": "License or product not found",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/ErrorResponse"
},
"examples": {
"license_not_found": {
"summary": "License not found",
"value": {
"success": false,
"update_available": false,
"error": "license_not_found",
"message": "License not found."
}
},
"product_not_found": {
"summary": "Product not found",
"value": {
"success": false,
"update_available": false,
"error": "product_not_found",
"message": "Licensed product not found."
}
}
}
}
}
},
"429": {
"$ref": "#/components/responses/RateLimitExceeded"
}
}
}
}
},
"components": {
@@ -516,6 +658,130 @@
"description": "Seconds until rate limit resets"
}
}
},
"UpdateCheckRequest": {
"type": "object",
"required": ["license_key", "domain"],
"properties": {
"license_key": {
"type": "string",
"description": "The license key to validate (format: XXXX-XXXX-XXXX-XXXX)",
"maxLength": 64,
"example": "ABCD-1234-EFGH-5678"
},
"domain": {
"type": "string",
"description": "The domain the plugin is installed on",
"maxLength": 255,
"example": "example.com"
},
"plugin_slug": {
"type": "string",
"description": "The plugin slug (optional, for identification)",
"example": "my-licensed-plugin"
},
"current_version": {
"type": "string",
"description": "Currently installed version for comparison",
"example": "1.0.0"
}
}
},
"UpdateCheckResponse": {
"type": "object",
"properties": {
"success": {
"type": "boolean",
"description": "Whether the request was successful"
},
"update_available": {
"type": "boolean",
"description": "Whether an update is available"
},
"version": {
"type": "string",
"description": "Latest available version"
},
"slug": {
"type": "string",
"description": "Plugin slug for WordPress"
},
"plugin": {
"type": "string",
"description": "Plugin basename (slug/slug.php)"
},
"download_url": {
"type": "string",
"format": "uri",
"description": "Secure download URL for the update package"
},
"package": {
"type": "string",
"format": "uri",
"description": "Alias for download_url (WordPress compatibility)"
},
"last_updated": {
"type": "string",
"format": "date",
"description": "Date of the latest release"
},
"tested": {
"type": "string",
"description": "Highest WordPress version tested with"
},
"requires": {
"type": "string",
"description": "Minimum required WordPress version"
},
"requires_php": {
"type": "string",
"description": "Minimum required PHP version"
},
"changelog": {
"type": "string",
"description": "Release notes/changelog for the update"
},
"package_hash": {
"type": "string",
"description": "SHA256 hash of the package for integrity verification",
"example": "sha256:abc123..."
},
"name": {
"type": "string",
"description": "Product name"
},
"homepage": {
"type": "string",
"format": "uri",
"description": "Product homepage URL"
},
"icons": {
"type": "object",
"description": "Plugin icons for WordPress admin",
"properties": {
"1x": {
"type": "string",
"format": "uri"
},
"2x": {
"type": "string",
"format": "uri"
}
}
},
"sections": {
"type": "object",
"description": "Content sections for plugin info modal",
"properties": {
"description": {
"type": "string"
},
"changelog": {
"type": "string"
}
}
}
}
}
},
"responses": {
@@ -577,6 +843,10 @@
{
"name": "License Activation",
"description": "Activate licenses on domains"
},
{
"name": "Plugin Updates",
"description": "Check for plugin updates via WordPress-compatible API"
}
]
}

BIN
releases/wc-licensed-product-0.5.10.zip Normal file
View File

Binary file not shown.

1
releases/wc-licensed-product-0.5.10.zip.sha256 Normal file
View File

@@ -0,0 +1 @@
2bbc0655f724e201367247f0e40974ddce6d7c559987e661f2b06b43294fc99f wc-licensed-product-0.5.10.zip

BIN
releases/wc-licensed-product-0.5.11.zip Normal file
View File

Binary file not shown.

1
releases/wc-licensed-product-0.5.11.zip.sha256 Normal file
View File

@@ -0,0 +1 @@
32571178bfa8f0d0a03ed05b498d5f9b3c860104393a96732e86a03b6de298d2 wc-licensed-product-0.5.11.zip

1
releases/wc-licensed-product-0.5.12.sha256 Normal file
View File

@@ -0,0 +1 @@
20bb5cd453de9bca781864430ebd152c82f660b6f9fc3f09107ba03489a71d75 /home/magdev/workspaces/php/wordpress/wp-content/plugins/wc-licensed-product/releases/wc-licensed-product-0.5.12.zip

BIN
releases/wc-licensed-product-0.5.12.zip Normal file
View File

Binary file not shown.

BIN
releases/wc-licensed-product-0.5.13.zip Normal file
View File

Binary file not shown.

1
releases/wc-licensed-product-0.5.13.zip.sha256 Normal file
View File

@@ -0,0 +1 @@
814710ad899529d0015494e4b332eace7d8e55aeda381fdf61f99274c0bf910c wc-licensed-product-0.5.13.zip

1
releases/wc-licensed-product-0.5.15.sha256 Normal file
View File

@@ -0,0 +1 @@
47407de49bae4c649644af64e87b44b32fb30eeb2d50890ff8c4bbb741059278 wc-licensed-product-0.5.15.zip

BIN
releases/wc-licensed-product-0.5.3.zip Normal file
View File

Binary file not shown.

1
releases/wc-licensed-product-0.5.3.zip.sha256 Normal file
View File

@@ -0,0 +1 @@
bbd0fa8888c6990a4ba00ccfb8b2189ee6ac529a34cc11a5d8d8d28518b1f6dd wc-licensed-product-0.5.3.zip

BIN
releases/wc-licensed-product-0.5.5.zip Normal file
View File

Binary file not shown.

1
releases/wc-licensed-product-0.5.5.zip.sha256 Normal file
View File

@@ -0,0 +1 @@
8c37e1c68eb6031c37d35adc516a492abdbea8498bdc3e3fc7d93eda380a4fe0 wc-licensed-product-0.5.5.zip

BIN
releases/wc-licensed-product-0.5.6.zip Normal file
View File

Binary file not shown.

1
releases/wc-licensed-product-0.5.6.zip.sha256 Normal file
View File

@@ -0,0 +1 @@
4d35a319fe4cb4e7055bae17fc030487ca05e5e9ac905f76d0ac62002bde4336 releases/wc-licensed-product-0.5.6.zip

BIN
releases/wc-licensed-product-0.5.7.zip Normal file
View File

Binary file not shown.

1
releases/wc-licensed-product-0.5.7.zip.sha256 Normal file
View File

@@ -0,0 +1 @@
ceb4d57598f576f4f172153ff80df8c180ecd4dca873cf109327fc5ac718930f wc-licensed-product-0.5.7.zip

BIN
releases/wc-licensed-product-0.5.8.zip Normal file
View File

Binary file not shown.

1
releases/wc-licensed-product-0.5.8.zip.sha256 Normal file
View File

@@ -0,0 +1 @@
670c2f5182ea7140ccf9533c2b4179daf7890019a244973f467f2a5c7622b9f4 wc-licensed-product-0.5.8.zip

BIN
releases/wc-licensed-product-0.5.9.zip Normal file
View File

Binary file not shown.

1
releases/wc-licensed-product-0.5.9.zip.sha256 Normal file
View File

@@ -0,0 +1 @@
fae77dab56cb8f46693cf44fe6a1dc38ad0526d881cab2cd1f0878b234afaa8b wc-licensed-product-0.5.9.zip

8
src/Admin/OrderLicenseController.php
View File

@@ -83,7 +83,7 @@ final class OrderLicenseController
$hasLicensedProduct = false;
foreach ($order->get_items() as $item) {
$product = $item->get_product();
if ($product && $product->is_type('licensed')) {
if ($product && $this->licenseManager->isLicensedProduct($product)) {
$hasLicensedProduct = true;
break;
}
@@ -162,7 +162,7 @@ final class OrderLicenseController
// Legacy: one license per licensed product
foreach ($order->get_items() as $item) {
$product = $item->get_product();
if ($product && $product->is_type('licensed')) {
if ($product && $this->licenseManager->isLicensedProduct($product)) {
$expectedLicenses++;
}
}
@@ -567,7 +567,7 @@ final class OrderLicenseController
foreach ($order->get_items() as $item) {
$product = $item->get_product();
if (!$product || !$product->is_type('licensed')) {
if (!$product || !$this->licenseManager->isLicensedProduct($product)) {
continue;
}
@@ -615,7 +615,7 @@ final class OrderLicenseController
foreach ($order->get_items() as $item) {
$product = $item->get_product();
if (!$product || !$product->is_type('licensed')) {
if (!$product || !$this->licenseManager->isLicensedProduct($product)) {
continue;
}

63
src/Admin/SettingsController.php
View File

@@ -62,6 +62,7 @@ final class SettingsController
{
return [
'' => __('Plugin License', 'wc-licensed-product'),
'auto-updates' => __('Auto-Updates', 'wc-licensed-product'),
'defaults' => __('Default Settings', 'wc-licensed-product'),
'notifications' => __('Notifications', 'wc-licensed-product'),
];
@@ -112,6 +113,7 @@ final class SettingsController
$currentSection = $this->getCurrentSection();
return match ($currentSection) {
'auto-updates' => $this->getAutoUpdatesSettings(),
'defaults' => $this->getDefaultsSettings(),
'notifications' => $this->getNotificationsSettings(),
default => $this->getPluginLicenseSettings(),
@@ -160,6 +162,44 @@ final class SettingsController
];
}
/**
* Get auto-updates settings
*/
private function getAutoUpdatesSettings(): array
{
return [
'auto_update_section_title' => [
'name' => __('Auto-Updates', 'wc-licensed-product'),
'type' => 'title',
'desc' => __('Configure automatic plugin updates from the license server.', 'wc-licensed-product'),
'id' => 'wc_licensed_product_section_auto_update',
],
'plugin_auto_update_enabled' => [
'name' => __('Enable Auto-Updates', 'wc-licensed-product'),
'type' => 'checkbox',
'desc' => __('Automatically check for and receive plugin updates from the license server.', 'wc-licensed-product'),
'id' => 'wc_licensed_product_plugin_auto_update_enabled',
'default' => 'yes',
],
'update_check_frequency' => [
'name' => __('Check Frequency (Hours)', 'wc-licensed-product'),
'type' => 'number',
'desc' => __('How often to check for updates (in hours).', 'wc-licensed-product'),
'id' => 'wc_licensed_product_update_check_frequency',
'default' => '12',
'custom_attributes' => [
'min' => '1',
'max' => '168',
'step' => '1',
],
],
'auto_update_section_end' => [
'type' => 'sectionend',
'id' => 'wc_licensed_product_section_auto_update_end',
],
];
}
/**
* Get default license settings
*/
@@ -173,7 +213,7 @@ final class SettingsController
'id' => 'wc_licensed_product_section_defaults',
],
'default_max_activations' => [
'name' => __('Default Max Activations', 'wc-licensed-product'),
'name' => __('Max Activations', 'wc-licensed-product'),
'type' => 'number',
'desc' => __('Default maximum number of domain activations per license.', 'wc-licensed-product'),
'id' => 'wc_licensed_product_default_max_activations',
@@ -184,7 +224,7 @@ final class SettingsController
],
],
'default_validity_days' => [
'name' => __('Default License Validity (Days)', 'wc-licensed-product'),
'name' => __('License Validity (Days)', 'wc-licensed-product'),
'type' => 'number',
'desc' => __('Default number of days a license is valid. Leave empty or set to 0 for lifetime licenses.', 'wc-licensed-product'),
'id' => 'wc_licensed_product_default_validity_days',
@@ -196,7 +236,7 @@ final class SettingsController
],
],
'default_bind_to_version' => [
'name' => __('Default Bind to Major Version', 'wc-licensed-product'),
'name' => __('Bind to Major Version', 'wc-licensed-product'),
'type' => 'checkbox',
'desc' => __('If enabled, licenses are bound to the major version at purchase time by default.', 'wc-licensed-product'),
'id' => 'wc_licensed_product_default_bind_to_version',
@@ -460,6 +500,23 @@ final class SettingsController
return !empty($secret) ? (string) $secret : null;
}
/**
* Check if auto-updates are enabled
*/
public static function isAutoUpdateEnabled(): bool
{
return get_option('wc_licensed_product_plugin_auto_update_enabled', 'yes') === 'yes';
}
/**
* Get update check frequency in hours
*/
public static function getUpdateCheckFrequency(): int
{
$value = get_option('wc_licensed_product_update_check_frequency', 12);
return max(1, min(168, (int) $value));
}
/**
* Handle AJAX verify license request
*/

29
src/Admin/VersionAdminController.php
View File

@@ -43,25 +43,21 @@ final class VersionAdminController
/**
* Add versions meta box to product edit page
* Always adds the meta box - visibility is controlled via CSS/JavaScript based on product type
*/
public function addVersionsMetaBox(): void
{
global $post;
// Only add meta box for licensed products or new products
if ($post && $post->post_type === 'product') {
$product = wc_get_product($post->ID);
// Show for licensed products or new products (where type might be selected later)
if (!$product || $product->is_type('licensed') || $post->post_status === 'auto-draft') {
add_meta_box(
'wc_licensed_product_versions',
__('Product Versions', 'wc-licensed-product'),
[$this, 'renderVersionsMetaBox'],
'product',
'normal',
'high'
);
}
add_meta_box(
'wc_licensed_product_versions',
__('Product Versions', 'wc-licensed-product'),
[$this, 'renderVersionsMetaBox'],
'product',
'normal',
'high'
);
}
}
@@ -280,12 +276,13 @@ final class VersionAdminController
}
// Verify product exists and is of type licensed
$product = wc_get_product($productId);
if (!$product) {
// Use WC_Product_Factory::get_product_type() for reliable type detection
$productType = \WC_Product_Factory::get_product_type($productId);
if (!$productType) {
wp_send_json_error(['message' => __('Product not found.', 'wc-licensed-product')]);
}
if (!$product->is_type('licensed')) {
if (!in_array($productType, ['licensed', 'licensed-variable'], true)) {
wp_send_json_error(['message' => __('This product is not a licensed product.', 'wc-licensed-product')]);
}

13
src/Api/ResponseSigner.php
View File

@@ -157,16 +157,23 @@ final class ResponseSigner
* to verify signed API responses. Each customer gets their own secret
* derived from their license key.
*
* Uses RFC 5869 HKDF via PHP's native hash_hkdf() function.
* Parameters match the client library (SecureLicenseClient):
* - IKM (input keying material): server_secret
* - Length: 32 bytes (256 bits for SHA-256)
* - Info: license_key (context-specific info)
*
* @param string $licenseKey The customer's license key
* @param string $serverSecret The server's master secret
* @return string The derived secret (64 hex characters)
*/
public static function deriveCustomerSecret(string $licenseKey, string $serverSecret): string
{
// HKDF-like key derivation
$prk = hash_hmac('sha256', $licenseKey, $serverSecret, true);
// RFC 5869 HKDF using PHP's native implementation
// Must match client's ResponseSignature::deriveKey() exactly
$binaryKey = hash_hkdf('sha256', $serverSecret, 32, $licenseKey);
return hash_hmac('sha256', $prk . "\x01", $serverSecret);
return bin2hex($binaryKey);
}
/**

79
src/Api/RestApiController.php
View File

@@ -22,14 +22,34 @@ final class RestApiController
private const NAMESPACE = 'wc-licensed-product/v1';
/**
* Rate limit: requests per minute per IP
* Default rate limit: requests per window per IP
*/
private const RATE_LIMIT_REQUESTS = 30;
private const DEFAULT_RATE_LIMIT = 30;
/**
* Rate limit window in seconds
* Default rate limit window in seconds
*/
private const RATE_LIMIT_WINDOW = 60;
private const DEFAULT_RATE_WINDOW = 60;
/**
* Get the configured rate limit (requests per window)
*/
private function getRateLimit(): int
{
return defined('WC_LICENSE_RATE_LIMIT')
? (int) WC_LICENSE_RATE_LIMIT
: self::DEFAULT_RATE_LIMIT;
}
/**
* Get the configured rate limit window in seconds
*/
private function getRateWindow(): int
{
return defined('WC_LICENSE_RATE_WINDOW')
? (int) WC_LICENSE_RATE_WINDOW
: self::DEFAULT_RATE_WINDOW;
}
private LicenseManager $licenseManager;
@@ -56,12 +76,14 @@ final class RestApiController
{
$ip = $this->getClientIp();
$transientKey = 'wclp_rate_' . md5($ip);
$rateLimit = $this->getRateLimit();
$rateWindow = $this->getRateWindow();
$data = get_transient($transientKey);
if ($data === false) {
// First request, start counting
set_transient($transientKey, ['count' => 1, 'start' => time()], self::RATE_LIMIT_WINDOW);
set_transient($transientKey, ['count' => 1, 'start' => time()], $rateWindow);
return null;
}
@@ -69,15 +91,15 @@ final class RestApiController
$start = (int) ($data['start'] ?? time());
// Check if window has expired
if (time() - $start >= self::RATE_LIMIT_WINDOW) {
if (time() - $start >= $rateWindow) {
// Reset counter
set_transient($transientKey, ['count' => 1, 'start' => time()], self::RATE_LIMIT_WINDOW);
set_transient($transientKey, ['count' => 1, 'start' => time()], $rateWindow);
return null;
}
// Check if limit exceeded
if ($count >= self::RATE_LIMIT_REQUESTS) {
$retryAfter = self::RATE_LIMIT_WINDOW - (time() - $start);
if ($count >= $rateLimit) {
$retryAfter = $rateWindow - (time() - $start);
$response = new WP_REST_Response([
'success' => false,
'error' => 'rate_limit_exceeded',
@@ -89,7 +111,7 @@ final class RestApiController
}
// Increment counter
set_transient($transientKey, ['count' => $count + 1, 'start' => $start], self::RATE_LIMIT_WINDOW);
set_transient($transientKey, ['count' => $count + 1, 'start' => $start], $rateWindow);
return null;
}
@@ -257,7 +279,8 @@ final class RestApiController
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
'validate_callback' => function ($value): bool {
return !empty($value) && strlen($value) <= 64;
$len = strlen($value);
return !empty($value) && $len >= 8 && $len <= 64;
},
],
'domain' => [
@@ -281,6 +304,10 @@ final class RestApiController
'required' => true,
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
'validate_callback' => function ($value): bool {
$len = strlen($value);
return !empty($value) && $len >= 8 && $len <= 64;
},
],
],
]);
@@ -295,11 +322,18 @@ final class RestApiController
'required' => true,
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
'validate_callback' => function ($value): bool {
$len = strlen($value);
return !empty($value) && $len >= 8 && $len <= 64;
},
],
'domain' => [
'required' => true,
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
'validate_callback' => function ($value): bool {
return !empty($value) && strlen($value) <= 255;
},
],
],
]);
@@ -320,11 +354,32 @@ final class RestApiController
$result = $this->licenseManager->validateLicense($licenseKey, $domain);
$statusCode = $result['valid'] ? 200 : 403;
$statusCode = $this->getStatusCodeForResult($result);
return new WP_REST_Response($result, $statusCode);
}
/**
* Get HTTP status code based on validation result
*
* @param array $result The validation result
* @return int HTTP status code
*/
private function getStatusCodeForResult(array $result): int
{
if ($result['valid']) {
return 200;
}
$error = $result['error'] ?? '';
return match ($error) {
'license_not_found' => 404,
'activation_failed' => 500,
default => 403,
};
}
/**
* Check license status endpoint
*/

352
src/Api/UpdateController.php Normal file
View File

@@ -0,0 +1,352 @@
<?php
/**
* Update Controller
*
* REST API endpoint for plugin update checks
*
* @package Jeremias\WcLicensedProduct\Api
*/
declare(strict_types=1);
namespace Jeremias\WcLicensedProduct\Api;
use Jeremias\WcLicensedProduct\License\LicenseManager;
use Jeremias\WcLicensedProduct\Product\VersionManager;
use Jeremias\WcLicensedProduct\Product\ProductVersion;
use WP_REST_Request;
use WP_REST_Response;
use WP_REST_Server;
/**
* Handles REST API endpoint for plugin update checks
*
* This endpoint allows licensed plugins to check for updates from this WooCommerce store.
* It validates the license and returns WordPress-compatible update information.
*/
final class UpdateController
{
private const NAMESPACE = 'wc-licensed-product/v1';
/**
* Default rate limit: requests per window per IP
*/
private const DEFAULT_RATE_LIMIT = 30;
/**
* Default rate limit window in seconds
*/
private const DEFAULT_RATE_WINDOW = 60;
private LicenseManager $licenseManager;
private VersionManager $versionManager;
public function __construct(LicenseManager $licenseManager, VersionManager $versionManager)
{
$this->licenseManager = $licenseManager;
$this->versionManager = $versionManager;
$this->registerHooks();
}
/**
* Register WordPress hooks
*/
private function registerHooks(): void
{
add_action('rest_api_init', [$this, 'registerRoutes']);
}
/**
* Get the configured rate limit (requests per window)
*/
private function getRateLimit(): int
{
return defined('WC_LICENSE_RATE_LIMIT')
? (int) WC_LICENSE_RATE_LIMIT
: self::DEFAULT_RATE_LIMIT;
}
/**
* Get the configured rate limit window in seconds
*/
private function getRateWindow(): int
{
return defined('WC_LICENSE_RATE_WINDOW')
? (int) WC_LICENSE_RATE_WINDOW
: self::DEFAULT_RATE_WINDOW;
}
/**
* Check rate limit for current IP
*
* @return WP_REST_Response|null Returns error response if rate limited, null if OK
*/
private function checkRateLimit(): ?WP_REST_Response
{
$ip = $_SERVER['REMOTE_ADDR'] ?? '0.0.0.0';
$transientKey = 'wclp_update_rate_' . md5($ip);
$rateLimit = $this->getRateLimit();
$rateWindow = $this->getRateWindow();
$data = get_transient($transientKey);
if ($data === false) {
set_transient($transientKey, ['count' => 1, 'start' => time()], $rateWindow);
return null;
}
$count = (int) ($data['count'] ?? 0);
$start = (int) ($data['start'] ?? time());
if (time() - $start >= $rateWindow) {
set_transient($transientKey, ['count' => 1, 'start' => time()], $rateWindow);
return null;
}
if ($count >= $rateLimit) {
$retryAfter = $rateWindow - (time() - $start);
$response = new WP_REST_Response([
'success' => false,
'error' => 'rate_limit_exceeded',
'message' => __('Too many requests. Please try again later.', 'wc-licensed-product'),
'retry_after' => $retryAfter,
], 429);
$response->header('Retry-After', (string) $retryAfter);
return $response;
}
set_transient($transientKey, ['count' => $count + 1, 'start' => $start], $rateWindow);
return null;
}
/**
* Register REST API routes
*/
public function registerRoutes(): void
{
register_rest_route(self::NAMESPACE, '/update-check', [
'methods' => WP_REST_Server::CREATABLE,
'callback' => [$this, 'handleUpdateCheck'],
'permission_callback' => '__return_true',
'args' => [
'license_key' => [
'required' => true,
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
'validate_callback' => function ($value): bool {
$len = strlen($value);
return !empty($value) && $len >= 8 && $len <= 64;
},
],
'domain' => [
'required' => true,
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
'validate_callback' => function ($value): bool {
return !empty($value) && strlen($value) <= 255;
},
],
'plugin_slug' => [
'required' => false,
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
'current_version' => [
'required' => false,
'type' => 'string',
'sanitize_callback' => 'sanitize_text_field',
],
],
]);
}
/**
* Handle update check request
*/
public function handleUpdateCheck(WP_REST_Request $request): WP_REST_Response
{
$rateLimitResponse = $this->checkRateLimit();
if ($rateLimitResponse !== null) {
return $rateLimitResponse;
}
$licenseKey = $request->get_param('license_key');
$domain = $request->get_param('domain');
$currentVersion = $request->get_param('current_version');
// Validate license
$validationResult = $this->licenseManager->validateLicense($licenseKey, $domain);
if (!$validationResult['valid']) {
return new WP_REST_Response([
'success' => false,
'update_available' => false,
'error' => $validationResult['error'] ?? 'license_invalid',
'message' => $validationResult['message'] ?? __('License validation failed.', 'wc-licensed-product'),
], $validationResult['error'] === 'license_not_found' ? 404 : 403);
}
// Get license to access product ID
$license = $this->licenseManager->getLicenseByKey($licenseKey);
if (!$license) {
return new WP_REST_Response([
'success' => false,
'update_available' => false,
'error' => 'license_not_found',
'message' => __('License not found.', 'wc-licensed-product'),
], 404);
}
$productId = $license->getProductId();
$product = wc_get_product($productId);
if (!$product) {
return new WP_REST_Response([
'success' => false,
'update_available' => false,
'error' => 'product_not_found',
'message' => __('Licensed product not found.', 'wc-licensed-product'),
], 404);
}
// Get latest version based on major version binding
$latestVersion = $this->getLatestVersionForLicense($license);
if (!$latestVersion) {
return new WP_REST_Response([
'success' => true,
'update_available' => false,
'version' => $currentVersion ?? '0.0.0',
'message' => __('No versions available for this product.', 'wc-licensed-product'),
]);
}
// Check if update is available
$updateAvailable = $currentVersion
? version_compare($latestVersion->getVersion(), $currentVersion, '>')
: true;
// Build response
$response = $this->buildUpdateResponse($product, $latestVersion, $license, $updateAvailable);
return new WP_REST_Response($response);
}
/**
* Get latest version for a license, respecting major version binding
*/
private function getLatestVersionForLicense($license): ?ProductVersion
{
$productId = $license->getProductId();
// Check if license is bound to a specific version
$versionId = $license->getVersionId();
if ($versionId) {
$boundVersion = $this->versionManager->getVersionById($versionId);
if ($boundVersion) {
// Get latest version for this major version
return $this->versionManager->getLatestVersionForMajor(
$productId,
$boundVersion->getMajorVersion()
);
}
}
// No version binding, return latest overall
return $this->versionManager->getLatestVersion($productId);
}
/**
* Build WordPress-compatible update response
*/
private function buildUpdateResponse($product, ProductVersion $version, $license, bool $updateAvailable): array
{
$productSlug = $product->get_slug();
// Generate secure download URL
$downloadUrl = $this->generateUpdateDownloadUrl($license->getId(), $version->getId());
$response = [
'success' => true,
'update_available' => $updateAvailable,
'version' => $version->getVersion(),
'slug' => $productSlug,
'plugin' => $productSlug . '/' . $productSlug . '.php',
'download_url' => $downloadUrl,
'package' => $downloadUrl,
'last_updated' => $version->getReleasedAt()->format('Y-m-d'),
'tested' => $this->getTestedWpVersion(),
'requires' => $this->getRequiredWpVersion(),
'requires_php' => $this->getRequiredPhpVersion(),
];
// Add changelog if available
if ($version->getReleaseNotes()) {
$response['changelog'] = $version->getReleaseNotes();
$response['sections'] = [
'description' => $product->get_short_description() ?: $product->get_description(),
'changelog' => $version->getReleaseNotes(),
];
}
// Add package hash for integrity verification
if ($version->getFileHash()) {
$response['package_hash'] = 'sha256:' . $version->getFileHash();
}
// Add product name and homepage
$response['name'] = $product->get_name();
$response['homepage'] = get_permalink($product->get_id());
// Add icons if product has featured image
$imageId = $product->get_image_id();
if ($imageId) {
$iconUrl = wp_get_attachment_image_url($imageId, 'thumbnail');
$iconUrl2x = wp_get_attachment_image_url($imageId, 'medium');
if ($iconUrl) {
$response['icons'] = [
'1x' => $iconUrl,
'2x' => $iconUrl2x ?: $iconUrl,
];
}
}
return $response;
}
/**
* Generate secure download URL for updates
*/
private function generateUpdateDownloadUrl(int $licenseId, int $versionId): string
{
$data = $licenseId . '-' . $versionId . '-' . wp_salt('auth');
$hash = substr(hash('sha256', $data), 0, 16);
$downloadKey = $licenseId . '-' . $versionId . '-' . $hash;
return home_url('license-download/' . $downloadKey);
}
/**
* Get tested WordPress version from plugin headers
*/
private function getTestedWpVersion(): string
{
return get_option('wc_licensed_product_tested_wp', '6.7');
}
/**
* Get required WordPress version from plugin headers
*/
private function getRequiredWpVersion(): string
{
return get_option('wc_licensed_product_requires_wp', '6.0');
}
/**
* Get required PHP version
*/
private function getRequiredPhpVersion(): string
{
return get_option('wc_licensed_product_requires_php', '8.3');
}
}

53
src/Checkout/CheckoutBlocksIntegration.php
View File

@@ -11,6 +11,7 @@ namespace Jeremias\WcLicensedProduct\Checkout;
use Automattic\WooCommerce\Blocks\Integrations\IntegrationInterface;
use Jeremias\WcLicensedProduct\Admin\SettingsController;
use Jeremias\WcLicensedProduct\Product\LicensedProductVariation;
/**
* Integration with WooCommerce Checkout Blocks
@@ -111,10 +112,12 @@ final class CheckoutBlocksIntegration implements IntegrationInterface
public function get_script_data(): array
{
$isMultiDomain = SettingsController::isMultiDomainEnabled();
$licensedProducts = $this->getLicensedProductsFromCart();
$hasLicensedProducts = !empty($licensedProducts);
return [
'hasLicensedProducts' => $this->cartHasLicensedProducts(),
'licensedProducts' => $this->getLicensedProductsFromCart(),
'hasLicensedProducts' => $hasLicensedProducts,
'licensedProducts' => $licensedProducts,
'isMultiDomainEnabled' => $isMultiDomain,
'fieldPlaceholder' => __('example.com', 'wc-licensed-product'),
'fieldDescription' => $isMultiDomain
@@ -141,7 +144,7 @@ final class CheckoutBlocksIntegration implements IntegrationInterface
/**
* Get licensed products from cart with quantities
*
* @return array<int, array{product_id: int, name: string, quantity: int}>
* @return array<string, array{product_id: int, variation_id: int, name: string, quantity: int, duration_label: string}>
*/
private function getLicensedProductsFromCart(): array
{
@@ -150,15 +153,55 @@ final class CheckoutBlocksIntegration implements IntegrationInterface
}
$licensedProducts = [];
foreach (WC()->cart->get_cart() as $cartItem) {
$cartContents = WC()->cart->get_cart();
foreach ($cartContents as $cartKey => $cartItem) {
$product = $cartItem['data'];
if ($product && $product->is_type('licensed')) {
if (!$product) {
continue;
}
// Check for simple licensed products
if ($product->is_type('licensed')) {
$productId = $product->get_id();
$licensedProducts[] = [
'product_id' => $productId,
'variation_id' => 0,
'name' => $product->get_name(),
'quantity' => (int) $cartItem['quantity'],
'duration_label' => '',
];
continue;
}
// Check for variations of licensed-variable products
// Use WC_Product_Factory::get_product_type() for reliable parent type check
$parentId = $product->get_parent_id();
if ($parentId) {
$parentType = \WC_Product_Factory::get_product_type($parentId);
if ($parentType === 'licensed-variable') {
$variationId = $product->get_id();
// Get duration label if it's a LicensedProductVariation
$durationLabel = '';
if ($product instanceof LicensedProductVariation) {
$durationLabel = $product->get_license_duration_label();
} else {
// Try to instantiate as LicensedProductVariation
$variation = new LicensedProductVariation($variationId);
$durationLabel = $variation->get_license_duration_label();
}
$licensedProducts[] = [
'product_id' => $parentId,
'variation_id' => $variationId,
'name' => $product->get_name(),
'quantity' => (int) $cartItem['quantity'],
'duration_label' => $durationLabel,
];
}
}
}

168
src/Checkout/CheckoutController.php
View File

@@ -11,6 +11,7 @@ namespace Jeremias\WcLicensedProduct\Checkout;
use Jeremias\WcLicensedProduct\License\LicenseManager;
use Jeremias\WcLicensedProduct\Admin\SettingsController;
use Jeremias\WcLicensedProduct\Product\LicensedProductVariation;
/**
* Handles checkout modifications for licensed products
@@ -57,7 +58,7 @@ final class CheckoutController
/**
* Get licensed products from cart with quantities
*
* @return array<int, array{product_id: int, name: string, quantity: int}>
* @return array<string, array{product_id: int, variation_id: int, name: string, quantity: int, duration_label: string}>
*/
private function getLicensedProductsFromCart(): array
{
@@ -66,15 +67,55 @@ final class CheckoutController
}
$licensedProducts = [];
foreach (WC()->cart->get_cart() as $cartItem) {
foreach (WC()->cart->get_cart() as $cartItemKey => $cartItem) {
$product = $cartItem['data'];
if ($product && $product->is_type('licensed')) {
if (!$product) {
continue;
}
// Check for simple licensed products
if ($product->is_type('licensed')) {
$productId = $product->get_id();
$licensedProducts[$productId] = [
'product_id' => $productId,
'variation_id' => 0,
'name' => $product->get_name(),
'quantity' => (int) $cartItem['quantity'],
'duration_label' => '',
];
continue;
}
// Check for variations of licensed-variable products
// Use WC_Product_Factory::get_product_type() for reliable parent type check
$parentId = $product->get_parent_id();
if ($parentId) {
$parentType = \WC_Product_Factory::get_product_type($parentId);
if ($parentType === 'licensed-variable') {
$variationId = $product->get_id();
// Use combination key to allow same product with different variations
$key = "{$parentId}_{$variationId}";
// Get duration label if it's a LicensedProductVariation
$durationLabel = '';
if ($product instanceof LicensedProductVariation) {
$durationLabel = $product->get_license_duration_label();
} else {
// Try to instantiate as LicensedProductVariation
$variation = new LicensedProductVariation($variationId);
$durationLabel = $variation->get_license_duration_label();
}
$licensedProducts[$key] = [
'product_id' => $parentId,
'variation_id' => $variationId,
'name' => $product->get_name(),
'quantity' => (int) $cartItem['quantity'],
'duration_label' => $durationLabel,
];
}
}
}
@@ -88,6 +129,7 @@ final class CheckoutController
public function addDomainField(): void
{
$licensedProducts = $this->getLicensedProductsFromCart();
if (empty($licensedProducts)) {
return;
}
@@ -150,22 +192,32 @@ final class CheckoutController
<?php esc_html_e('Enter a unique domain for each license (without http:// or www).', 'wc-licensed-product'); ?>
</p>
<?php foreach ($licensedProducts as $productId => $productData): ?>
<div class="wclp-product-domains" data-product-id="<?php echo esc_attr($productId); ?>">
<?php foreach ($licensedProducts as $key => $productData): ?>
<?php
$productId = $productData['product_id'];
$variationId = $productData['variation_id'] ?? 0;
$durationLabel = $productData['duration_label'] ?? '';
// Use key for field names to handle variations
$fieldKey = $variationId > 0 ? "{$productId}_{$variationId}" : $productId;
?>
<div class="wclp-product-domains" data-product-id="<?php echo esc_attr($productId); ?>" data-variation-id="<?php echo esc_attr($variationId); ?>">
<h4>
<?php
echo esc_html($productData['name']);
if (!empty($durationLabel)) {
echo ' <span class="wclp-duration-badge">(' . esc_html($durationLabel) . ')</span>';
}
if ($productData['quantity'] > 1) {
printf(' (×%d)', $productData['quantity']);
printf(' ×%d', $productData['quantity']);
}
?>
</h4>
<?php for ($i = 0; $i < $productData['quantity']; $i++): ?>
<?php
$fieldName = sprintf('licensed_domains[%d][%d]', $productId, $i);
$fieldId = sprintf('licensed_domain_%d_%d', $productId, $i);
$savedValue = $this->getSavedDomainValue($productId, $i);
$fieldName = sprintf('licensed_domains[%s][%d]', $fieldKey, $i);
$fieldId = sprintf('licensed_domain_%s_%d', str_replace('_', '-', $fieldKey), $i);
$savedValue = $this->getSavedDomainValue($productId, $i, $variationId);
?>
<p class="form-row form-row-wide wclp-domain-row">
<label for="<?php echo esc_attr($fieldId); ?>">
@@ -186,6 +238,9 @@ final class CheckoutController
placeholder="<?php esc_attr_e('example.com', 'wc-licensed-product'); ?>"
value="<?php echo esc_attr($savedValue); ?>"
/>
<?php if ($variationId > 0): ?>
<input type="hidden" name="licensed_variation_ids[<?php echo esc_attr($fieldKey); ?>]" value="<?php echo esc_attr($variationId); ?>" />
<?php endif; ?>
</p>
<?php endfor; ?>
</div>
@@ -197,6 +252,7 @@ final class CheckoutController
.wclp-domain-description { margin-bottom: 15px; color: #666; }
.wclp-product-domains { margin-bottom: 20px; padding: 15px; background: #f8f8f8; border-radius: 4px; }
.wclp-product-domains h4 { margin: 0 0 10px 0; font-size: 1em; }
.wclp-duration-badge { color: #0073aa; font-weight: normal; }
.wclp-domain-row { margin-bottom: 10px; }
.wclp-domain-row:last-child { margin-bottom: 0; }
.wclp-domain-row label { display: block; margin-bottom: 5px; }
@@ -207,9 +263,17 @@ final class CheckoutController
/**
* Get saved domain value from session/POST
*/
private function getSavedDomainValue(int $productId, int $index): string
private function getSavedDomainValue(int $productId, int $index, int $variationId = 0): string
{
// Build the field key (with or without variation)
$fieldKey = $variationId > 0 ? "{$productId}_{$variationId}" : (string) $productId;
// Check POST data first (validation failure case)
if (isset($_POST['licensed_domains'][$fieldKey][$index])) {
return sanitize_text_field($_POST['licensed_domains'][$fieldKey][$index]);
}
// Also try numeric key for backward compatibility
if (isset($_POST['licensed_domains'][$productId][$index])) {
return sanitize_text_field($_POST['licensed_domains'][$productId][$index]);
}
@@ -218,7 +282,11 @@ final class CheckoutController
if (WC()->session) {
$sessionDomains = WC()->session->get('licensed_product_domains', []);
foreach ($sessionDomains as $item) {
if (isset($item['product_id']) && (int) $item['product_id'] === $productId) {
$itemProductId = (int) ($item['product_id'] ?? 0);
$itemVariationId = (int) ($item['variation_id'] ?? 0);
// Match by product and variation
if ($itemProductId === $productId && $itemVariationId === $variationId) {
if (isset($item['domains'][$index])) {
return $item['domains'][$index];
}
@@ -272,8 +340,12 @@ final class CheckoutController
{
$licensedDomains = $_POST['licensed_domains'] ?? [];
foreach ($licensedProducts as $productId => $productData) {
$productDomains = $licensedDomains[$productId] ?? [];
foreach ($licensedProducts as $key => $productData) {
$productId = $productData['product_id'];
$variationId = $productData['variation_id'] ?? 0;
$fieldKey = $variationId > 0 ? "{$productId}_{$variationId}" : (string) $productId;
$productDomains = $licensedDomains[$fieldKey] ?? $licensedDomains[$productId] ?? [];
$normalizedDomains = [];
for ($i = 0; $i < $productData['quantity']; $i++) {
@@ -308,7 +380,7 @@ final class CheckoutController
continue;
}
// Check for duplicate domains within same product
// Check for duplicate domains within same product/variation
if (in_array($normalizedDomain, $normalizedDomains, true)) {
wc_add_notice(
sprintf(
@@ -332,6 +404,7 @@ final class CheckoutController
public function saveDomainField(int $orderId): void
{
$licensedProducts = $this->getLicensedProductsFromCart();
if (empty($licensedProducts)) {
return;
}
@@ -369,10 +442,15 @@ final class CheckoutController
private function saveMultiDomainFields(\WC_Order $order, array $licensedProducts): void
{
$licensedDomains = $_POST['licensed_domains'] ?? [];
$licensedVariationIds = $_POST['licensed_variation_ids'] ?? [];
$domainData = [];
foreach ($licensedProducts as $productId => $productData) {
$productDomains = $licensedDomains[$productId] ?? [];
foreach ($licensedProducts as $key => $productData) {
$productId = $productData['product_id'];
$variationId = $productData['variation_id'] ?? 0;
$fieldKey = $variationId > 0 ? "{$productId}_{$variationId}" : (string) $productId;
$productDomains = $licensedDomains[$fieldKey] ?? $licensedDomains[$productId] ?? [];
$normalizedDomains = [];
for ($i = 0; $i < $productData['quantity']; $i++) {
@@ -383,10 +461,17 @@ final class CheckoutController
}
if (!empty($normalizedDomains)) {
$domainData[] = [
$entry = [
'product_id' => $productId,
'domains' => $normalizedDomains,
];
// Include variation_id if present
if ($variationId > 0) {
$entry['variation_id'] = $variationId;
}
$domainData[] = $entry;
}
}
@@ -432,8 +517,22 @@ final class CheckoutController
<strong><?php esc_html_e('License Domains:', 'wc-licensed-product'); ?></strong>
<?php foreach ($domainData as $item): ?>
<?php
$product = wc_get_product($item['product_id']);
$productName = $product ? $product->get_name() : __('Unknown Product', 'wc-licensed-product');
$productId = $item['product_id'];
$variationId = $item['variation_id'] ?? 0;
// Get product name
if ($variationId > 0) {
$variation = wc_get_product($variationId);
$productName = $variation ? $variation->get_name() : __('Unknown Variation', 'wc-licensed-product');
// Add duration label if available
if ($variation instanceof LicensedProductVariation) {
$productName .= ' (' . $variation->get_license_duration_label() . ')';
}
} else {
$product = wc_get_product($productId);
$productName = $product ? $product->get_name() : __('Unknown Product', 'wc-licensed-product');
}
?>
<p style="margin: 5px 0 5px 15px;">
<em><?php echo esc_html($productName); ?>:</em><br>
@@ -482,8 +581,20 @@ final class CheckoutController
if ($plainText) {
echo "\n" . esc_html__('License Domains:', 'wc-licensed-product') . "\n";
foreach ($domainData as $item) {
$product = wc_get_product($item['product_id']);
$productName = $product ? $product->get_name() : __('Unknown Product', 'wc-licensed-product');
$productId = $item['product_id'];
$variationId = $item['variation_id'] ?? 0;
if ($variationId > 0) {
$variation = wc_get_product($variationId);
$productName = $variation ? $variation->get_name() : __('Unknown Variation', 'wc-licensed-product');
if ($variation instanceof LicensedProductVariation) {
$productName .= ' (' . $variation->get_license_duration_label() . ')';
}
} else {
$product = wc_get_product($productId);
$productName = $product ? $product->get_name() : __('Unknown Product', 'wc-licensed-product');
}
echo ' ' . esc_html($productName) . ': ' . esc_html(implode(', ', $item['domains'])) . "\n";
}
} else {
@@ -492,8 +603,19 @@ final class CheckoutController
<strong><?php esc_html_e('License Domains:', 'wc-licensed-product'); ?></strong>
<?php foreach ($domainData as $item): ?>
<?php
$product = wc_get_product($item['product_id']);
$productName = $product ? $product->get_name() : __('Unknown Product', 'wc-licensed-product');
$productId = $item['product_id'];
$variationId = $item['variation_id'] ?? 0;
if ($variationId > 0) {
$variation = wc_get_product($variationId);
$productName = $variation ? $variation->get_name() : __('Unknown Variation', 'wc-licensed-product');
if ($variation instanceof LicensedProductVariation) {
$productName .= ' (' . $variation->get_license_duration_label() . ')';
}
} else {
$product = wc_get_product($productId);
$productName = $product ? $product->get_name() : __('Unknown Product', 'wc-licensed-product');
}
?>
<p style="margin: 5px 0 5px 15px;">
<em><?php echo esc_html($productName); ?>:</em><br>

38
src/Checkout/StoreApiExtension.php
View File

@@ -100,6 +100,9 @@ final class StoreApiExtension
'product_id' => [
'type' => 'integer',
],
'variation_id' => [
'type' => 'integer',
],
'domains' => [
'type' => 'array',
'items' => [
@@ -162,6 +165,7 @@ final class StoreApiExtension
}
$productId = (int) $item['product_id'];
$variationId = isset($item['variation_id']) ? (int) $item['variation_id'] : 0;
$domains = [];
foreach ($item['domains'] as $domain) {
@@ -172,10 +176,17 @@ final class StoreApiExtension
}
if (!empty($domains)) {
$normalized[] = [
$entry = [
'product_id' => $productId,
'domains' => $domains,
];
// Include variation_id if present
if ($variationId > 0) {
$entry['variation_id'] = $variationId;
}
$normalized[] = $entry;
}
}
@@ -267,10 +278,23 @@ final class StoreApiExtension
// Check for licensed_domains in classic format (from DOM injection)
if (empty($domainData) && isset($requestData['licensed_domains']) && is_array($requestData['licensed_domains'])) {
$domainData = [];
foreach ($requestData['licensed_domains'] as $productId => $domains) {
$variationIds = $requestData['licensed_variation_ids'] ?? [];
foreach ($requestData['licensed_domains'] as $key => $domains) {
if (!is_array($domains)) {
continue;
}
// Parse key - could be "productId" or "productId_variationId"
$parts = explode('_', (string) $key);
$productId = (int) $parts[0];
$variationId = isset($parts[1]) ? (int) $parts[1] : 0;
// Also check for hidden variation ID field
if ($variationId === 0 && isset($variationIds[$key])) {
$variationId = (int) $variationIds[$key];
}
$normalizedDomains = [];
foreach ($domains as $domain) {
$sanitized = sanitize_text_field($domain);
@@ -279,10 +303,16 @@ final class StoreApiExtension
}
}
if (!empty($normalizedDomains)) {
$domainData[] = [
'product_id' => (int) $productId,
$entry = [
'product_id' => $productId,
'domains' => $normalizedDomains,
];
if ($variationId > 0) {
$entry['variation_id'] = $variationId;
}
$domainData[] = $entry;
}
}
}

23
src/Installer.php
View File

@@ -31,6 +31,7 @@ final class Installer
{
self::createTables();
self::createCacheDir();
self::registerProductTypes();
// Set version in options
update_option('wc_licensed_product_version', WC_LICENSED_PRODUCT_VERSION);
@@ -43,6 +44,28 @@ final class Installer
flush_rewrite_rules();
}
/**
* Register custom product type terms in the product_type taxonomy
* This is required for WC_Product_Factory::get_product_type() to work correctly
*/
public static function registerProductTypes(): void
{
// Ensure WooCommerce taxonomies are registered
if (!taxonomy_exists('product_type')) {
return;
}
// Register 'licensed' product type term if it doesn't exist
if (!term_exists('licensed', 'product_type')) {
wp_insert_term('licensed', 'product_type');
}
// Register 'licensed-variable' product type term if it doesn't exist
if (!term_exists('licensed-variable', 'product_type')) {
wp_insert_term('licensed-variable', 'product_type');
}
}
/**
* Run on plugin deactivation
*/

108
src/License/LicenseManager.php
View File

@@ -11,12 +11,51 @@ namespace Jeremias\WcLicensedProduct\License;
use Jeremias\WcLicensedProduct\Installer;
use Jeremias\WcLicensedProduct\Product\LicensedProduct;
use Jeremias\WcLicensedProduct\Product\LicensedProductVariation;
use Jeremias\WcLicensedProduct\Product\LicensedVariableProduct;
/**
* Manages license operations (CRUD, validation, generation)
*/
class LicenseManager
{
/**
* Check if a product is any type of licensed product
*
* @param \WC_Product $product Product to check
* @return bool True if product is licensed (simple or variable or variation)
*/
public function isLicensedProduct(\WC_Product $product): bool
{
// Simple licensed product
if ($product->is_type('licensed')) {
return true;
}
// Variable licensed product
if ($product->is_type('licensed-variable')) {
return true;
}
// Check for our custom variation class
if ($product instanceof LicensedProductVariation) {
return true;
}
// Variation of a licensed-variable product
// Use WC_Product_Factory::get_product_type() for reliable parent type check
// This queries the database directly and doesn't depend on product class loading
$parentId = $product->get_parent_id();
if ($parentId) {
$parentType = \WC_Product_Factory::get_product_type($parentId);
if ($parentType === 'licensed-variable') {
return true;
}
}
return false;
}
/**
* Generate a unique license key
*/
@@ -40,32 +79,63 @@ class LicenseManager
/**
* Generate a license for a completed order
*
* @param int $orderId Order ID
* @param int $productId Product ID (parent product for variations)
* @param int $customerId Customer ID
* @param string $domain Domain to bind the license to
* @param int|null $variationId Optional variation ID for variable licensed products
* @return License|null Generated license or null on failure
*/
public function generateLicense(
int $orderId,
int $productId,
int $customerId,
string $domain
string $domain,
?int $variationId = null
): ?License {
global $wpdb;
// Normalize domain first for duplicate detection
$normalizedDomain = $this->normalizeDomain($domain);
// Check if license already exists for this order, product, and domain
$existing = $this->getLicenseByOrderProductAndDomain($orderId, $productId, $normalizedDomain);
// Check if license already exists for this order, product, domain, and variation
$existing = $this->getLicenseByOrderProductDomainAndVariation($orderId, $productId, $normalizedDomain, $variationId);
if ($existing) {
return $existing;
}
$product = wc_get_product($productId);
if (!$product || !$product->is_type('licensed')) {
return null;
// Load the product that has the license settings
// For variations, load the variation; otherwise load the parent product
if ($variationId) {
$settingsProduct = wc_get_product($variationId);
// Verify parent is licensed-variable using DB-level type check
$parentType = \WC_Product_Factory::get_product_type($productId);
if ($parentType !== 'licensed-variable') {
return null;
}
// Ensure we have the proper variation class
if ($settingsProduct && !$settingsProduct instanceof LicensedProductVariation) {
$settingsProduct = new LicensedProductVariation($variationId);
}
} else {
$settingsProduct = wc_get_product($productId);
// Check if this is a licensed product (simple)
if (!$settingsProduct || !$settingsProduct->is_type('licensed')) {
return null;
}
// Ensure we have the LicensedProduct instance for type hints
if (!$settingsProduct instanceof LicensedProduct) {
$settingsProduct = new LicensedProduct($productId);
}
}
// Ensure we have the LicensedProduct instance for type hints
if (!$product instanceof LicensedProduct) {
$product = new LicensedProduct($productId);
if (!$settingsProduct) {
return null;
}
// Generate unique license key
@@ -74,16 +144,16 @@ class LicenseManager
$licenseKey = $this->generateLicenseKey();
}
// Calculate expiration date
// Calculate expiration date from the settings product (variation or parent)
$expiresAt = null;
$validityDays = $product->get_validity_days();
$validityDays = $settingsProduct->get_validity_days();
if ($validityDays !== null && $validityDays > 0) {
$expiresAt = (new \DateTimeImmutable())->modify("+{$validityDays} days")->format('Y-m-d H:i:s');
}
// Determine version ID if bound to version
// Determine version ID if bound to version (always use parent product ID for versions)
$versionId = null;
if ($product->is_bound_to_version()) {
if ($settingsProduct->is_bound_to_version()) {
$versionId = $this->getCurrentVersionId($productId);
}
@@ -99,7 +169,7 @@ class LicenseManager
'version_id' => $versionId,
'status' => License::STATUS_ACTIVE,
'activations_count' => 1,
'max_activations' => $product->get_max_activations(),
'max_activations' => $settingsProduct->get_max_activations(),
'expires_at' => $expiresAt,
],
['%s', '%d', '%d', '%d', '%s', '%d', '%s', '%d', '%d', '%s']
@@ -112,6 +182,16 @@ class LicenseManager
return $this->getLicenseById((int) $wpdb->insert_id);
}
/**
* Get license by order, product, domain, and optional variation
*/
public function getLicenseByOrderProductDomainAndVariation(int $orderId, int $productId, string $domain, ?int $variationId = null): ?License
{
// For now, just use the existing method since we don't store variation_id in licenses table yet
// In the future, we could add a variation_id column to the licenses table
return $this->getLicenseByOrderProductAndDomain($orderId, $productId, $domain);
}
/**
* Get license by ID
*/

55
src/Plugin.php
View File

@@ -17,6 +17,7 @@ use Jeremias\WcLicensedProduct\Admin\SettingsController;
use Jeremias\WcLicensedProduct\Admin\VersionAdminController;
use Jeremias\WcLicensedProduct\Api\ResponseSigner;
use Jeremias\WcLicensedProduct\Api\RestApiController;
use Jeremias\WcLicensedProduct\Api\UpdateController;
use Jeremias\WcLicensedProduct\Checkout\CheckoutBlocksIntegration;
use Jeremias\WcLicensedProduct\Checkout\CheckoutController;
use Jeremias\WcLicensedProduct\Checkout\StoreApiExtension;
@@ -27,6 +28,7 @@ use Jeremias\WcLicensedProduct\License\LicenseManager;
use Jeremias\WcLicensedProduct\License\PluginLicenseChecker;
use Jeremias\WcLicensedProduct\Product\LicensedProductType;
use Jeremias\WcLicensedProduct\Product\VersionManager;
use Jeremias\WcLicensedProduct\Update\PluginUpdateChecker;
use Twig\Environment;
use Twig\Loader\FilesystemLoader;
@@ -139,8 +141,9 @@ final class Plugin
new AccountController($this->twig, $this->licenseManager, $this->versionManager, $this->downloadController);
}
// Always initialize REST API and email controller
// Always initialize REST API, update API, and email controller
new RestApiController($this->licenseManager);
new UpdateController($this->licenseManager, $this->versionManager);
new LicenseEmailController($this->licenseManager);
// Initialize response signing if server secret is configured
@@ -162,6 +165,12 @@ final class Plugin
add_action('admin_notices', [$this, 'showUnlicensedNotice']);
}
}
// Initialize update checker if license server is configured (client-side updates)
$serverUrl = SettingsController::getPluginLicenseServerUrl();
if (!empty($serverUrl) && !$licenseChecker->isSelfLicensing()) {
PluginUpdateChecker::getInstance()->register();
}
}
/**
@@ -210,6 +219,7 @@ final class Plugin
// Try new multi-domain format first
$domainData = $order->get_meta('_licensed_product_domains');
if (!empty($domainData) && is_array($domainData)) {
$this->generateLicensesMultiDomain($order, $domainData);
return;
@@ -227,23 +237,40 @@ final class Plugin
$orderId = $order->get_id();
$customerId = $order->get_customer_id();
// Index domains by product ID for quick lookup
// Index domains by product ID (and variation ID for variable products)
$domainsByProduct = [];
foreach ($domainData as $item) {
if (isset($item['product_id']) && isset($item['domains']) && is_array($item['domains'])) {
$domainsByProduct[(int) $item['product_id']] = $item['domains'];
$productId = (int) $item['product_id'];
$variationId = isset($item['variation_id']) ? (int) $item['variation_id'] : 0;
$key = $variationId > 0 ? "{$productId}_{$variationId}" : (string) $productId;
$domainsByProduct[$key] = [
'domains' => $item['domains'],
'variation_id' => $variationId,
];
}
}
// Generate licenses for each licensed product
foreach ($order->get_items() as $item) {
$product = $item->get_product();
if (!$product || !$product->is_type('licensed')) {
if (!$product) {
continue;
}
$productId = $product->get_id();
$domains = $domainsByProduct[$productId] ?? [];
if (!$this->licenseManager->isLicensedProduct($product)) {
continue;
}
// Get the parent product ID (for variations, this is the main product)
$productId = $product->is_type('variation') ? $product->get_parent_id() : $product->get_id();
$variationId = $item->get_variation_id();
// Look up domains - first try with variation, then without
$key = $variationId > 0 ? "{$productId}_{$variationId}" : (string) $productId;
$domainInfo = $domainsByProduct[$key] ?? $domainsByProduct[(string) $productId] ?? null;
$domains = $domainInfo['domains'] ?? [];
// Generate a license for each domain
foreach ($domains as $domain) {
@@ -252,7 +279,8 @@ final class Plugin
$orderId,
$productId,
$customerId,
$domain
$domain,
$variationId > 0 ? $variationId : null
);
}
}
@@ -265,18 +293,25 @@ final class Plugin
private function generateLicensesSingleDomain(\WC_Order $order): void
{
$domain = $order->get_meta('_licensed_product_domain');
if (empty($domain)) {
return;
}
foreach ($order->get_items() as $item) {
$product = $item->get_product();
if ($product && $product->is_type('licensed')) {
if ($product && $this->licenseManager->isLicensedProduct($product)) {
// Get the parent product ID (for variations, this is the main product)
$productId = $product->is_type('variation') ? $product->get_parent_id() : $product->get_id();
$variationId = $item->get_variation_id();
$this->licenseManager->generateLicense(
$order->get_id(),
$product->get_id(),
$productId,
$order->get_customer_id(),
$domain
$domain,
$variationId > 0 ? $variationId : null
);
}
}

8
src/Product/LicensedProduct.php
View File

@@ -55,6 +55,14 @@ class LicensedProduct extends WC_Product
return $this->exists() && $this->get_price() !== '';
}
/**
* Licensed products are always in stock (virtual, no inventory)
*/
public function is_in_stock(): bool
{
return true;
}
/**
* Get max activations for this product
* Falls back to default settings if not set on product

489
src/Product/LicensedProductType.php
View File

@@ -12,7 +12,8 @@ namespace Jeremias\WcLicensedProduct\Product;
use Jeremias\WcLicensedProduct\Admin\SettingsController;
/**
* Registers and handles the Licensed product type for WooCommerce
* Registers and handles the Licensed product types for WooCommerce
* Supports both simple licensed products and variable licensed products
*/
final class LicensedProductType
{
@@ -29,9 +30,12 @@ final class LicensedProductType
*/
private function registerHooks(): void
{
// Register product type
// Ensure product type terms exist in taxonomy (for WC_Product_Factory::get_product_type())
add_action('woocommerce_init', [$this, 'ensureProductTypeTermsExist']);
// Register product types
add_filter('product_type_selector', [$this, 'addProductType']);
add_filter('woocommerce_product_class', [$this, 'getProductClass'], 10, 2);
add_filter('woocommerce_product_class', [$this, 'getProductClass'], 10, 4);
// Add product data tabs
add_filter('woocommerce_product_data_tabs', [$this, 'addProductDataTab']);
@@ -39,51 +43,121 @@ final class LicensedProductType
// Save product meta
add_action('woocommerce_process_product_meta_licensed', [$this, 'saveProductMeta']);
add_action('woocommerce_process_product_meta_licensed-variable', [$this, 'saveProductMeta']);
// Show price and add to cart for licensed products
add_action('woocommerce_licensed_add_to_cart', [$this, 'addToCartTemplate']);
add_action('woocommerce_licensed-variable_add_to_cart', [$this, 'variableAddToCartTemplate']);
// Use variable product add-to-cart handler for licensed-variable products
add_filter('woocommerce_add_to_cart_handler', [$this, 'addToCartHandler'], 10, 2);
// Make product virtual by default
add_filter('woocommerce_product_is_virtual', [$this, 'isVirtual'], 10, 2);
// Hide stock HTML for licensed products
add_filter('woocommerce_get_stock_html', [$this, 'hideStockHtml'], 10, 2);
add_filter('woocommerce_get_availability', [$this, 'hideAvailability'], 10, 2);
add_filter('woocommerce_get_availability_text', [$this, 'hideAvailabilityText'], 10, 2);
add_filter('woocommerce_product_get_stock_quantity', [$this, 'hideStockQuantity'], 10, 2);
add_filter('woocommerce_product_variation_get_stock_quantity', [$this, 'hideStockQuantity'], 10, 2);
// Display current version under product title on single product page
add_action('woocommerce_single_product_summary', [$this, 'displayCurrentVersion'], 6);
// Enqueue frontend CSS for licensed products on single product pages
add_action('wp_enqueue_scripts', [$this, 'enqueueFrontendStyles']);
// Variable product support - variation settings
add_action('woocommerce_variation_options', [$this, 'addVariationOptions'], 10, 3);
add_action('woocommerce_product_after_variable_attributes', [$this, 'addVariationFields'], 10, 3);
add_action('woocommerce_save_product_variation', [$this, 'saveVariationFields'], 10, 2);
// Admin scripts for licensed-variable type
add_action('admin_footer', [$this, 'addVariableProductScripts']);
}
/**
* Add product type to selector
* Ensure product type terms exist in the product_type taxonomy
* This is required for WC_Product_Factory::get_product_type() to work correctly
*/
public function ensureProductTypeTermsExist(): void
{
\Jeremias\WcLicensedProduct\Installer::registerProductTypes();
}
/**
* Add product types to selector
*/
public function addProductType(array $types): array
{
$types['licensed'] = __('Licensed Product', 'wc-licensed-product');
$types['licensed-variable'] = __('Licensed Variable Product', 'wc-licensed-product');
return $types;
}
/**
* Get product class for licensed type
* Get product class for licensed types
*
* @param string $className Default class name
* @param string $productType Product type
* @param string $postType Post type (usually 'product' or 'product_variation')
* @param mixed $productId Product ID (can be int or string)
*/
public function getProductClass(string $className, string $productType): string
public function getProductClass(string $className, string $productType, string $postType = '', $productId = 0): string
{
if ($productType === 'licensed') {
return LicensedProduct::class;
}
if ($productType === 'licensed-variable') {
return LicensedVariableProduct::class;
}
// Handle variations of licensed-variable products
// Check both by product type and by post type for variations
if ($productType === 'variation' || $postType === 'product_variation') {
// Get parent ID from the product post
$parentId = 0;
$productIdInt = (int) $productId;
if ($productIdInt > 0) {
$parentId = wp_get_post_parent_id($productIdInt);
}
// Fallback to global $post if product ID not available
if (!$parentId) {
global $post;
if ($post && $post->post_parent) {
$parentId = (int) $post->post_parent;
}
}
if ($parentId) {
$parentType = \WC_Product_Factory::get_product_type($parentId);
if ($parentType === 'licensed-variable') {
return LicensedProductVariation::class;
}
}
}
return $className;
}
/**
* Add product data tab for license settings
* Also modify variations tab to show for licensed-variable products
*/
public function addProductDataTab(array $tabs): array
{
// Add our License Settings tab
$tabs['licensed_product'] = [
'label' => __('License Settings', 'wc-licensed-product'),
'target' => 'licensed_product_data',
'class' => ['show_if_licensed'],
'class' => ['show_if_licensed', 'show_if_licensed-variable'],
'priority' => 21,
];
// Make Variations tab also show for licensed-variable products
if (isset($tabs['variations'])) {
$tabs['variations']['class'][] = 'show_if_licensed-variable';
}
return $tabs;
}
@@ -173,27 +247,6 @@ final class LicensedProductType
?>
</div>
</div>
<script type="text/javascript">
jQuery(document).ready(function($) {
// Show/hide panels based on product type
$('select#product-type').change(function() {
if ($(this).val() === 'licensed') {
$('.show_if_licensed').show();
$('.general_options').show();
$('.pricing').show();
} else {
$('.show_if_licensed').hide();
}
}).change();
// Show general tab for licensed products
$('#product-type').on('change', function() {
if ($(this).val() === 'licensed') {
$('.general_tab').show();
}
});
});
</script>
<?php
}
@@ -231,19 +284,111 @@ final class LicensedProductType
wc_get_template('single-product/add-to-cart/simple.php');
}
/**
* Use the variable product add-to-cart handler for licensed-variable products
* WooCommerce uses product type to determine which handler to use
*/
public function addToCartHandler(string $handler, \WC_Product $product): string
{
if ($product->is_type('licensed-variable')) {
return 'variable';
}
return $handler;
}
/**
* Hide stock HTML for licensed products (they're always virtual/in-stock)
*/
public function hideStockHtml(string $html, \WC_Product $product): string
{
if ($this->isLicensedProductOrVariation($product)) {
return '';
}
return $html;
}
/**
* Hide availability data for licensed products (they're always virtual/in-stock)
*/
public function hideAvailability(array $availability, \WC_Product $product): array
{
if ($this->isLicensedProductOrVariation($product)) {
return [
'availability' => '',
'class' => '',
];
}
return $availability;
}
/**
* Hide availability text for licensed products
*/
public function hideAvailabilityText(string $availability, \WC_Product $product): string
{
if ($this->isLicensedProductOrVariation($product)) {
return '';
}
return $availability;
}
/**
* Hide stock quantity for licensed products (return null = no stock display)
*
* @param int|null $quantity
* @param \WC_Product $product
* @return int|null
*/
public function hideStockQuantity($quantity, \WC_Product $product)
{
if ($this->isLicensedProductOrVariation($product)) {
return null;
}
return $quantity;
}
/**
* Check if product is a licensed product or variation of one
*/
private function isLicensedProductOrVariation(\WC_Product $product): bool
{
// Direct licensed products
if ($product->is_type('licensed') || $product->is_type('licensed-variable')) {
return true;
}
// Check by class name for our custom variation class
if ($product instanceof LicensedProductVariation) {
return true;
}
// Check if this is a variation with a licensed-variable parent
// Use WC_Product_Factory::get_product_type() to get parent type directly from DB
// This is more reliable than loading the full product object
$parentId = $product->get_parent_id();
if ($parentId) {
$parentType = \WC_Product_Factory::get_product_type($parentId);
if ($parentType === 'licensed-variable') {
return true;
}
}
return false;
}
/**
* Make licensed products virtual by default
*/
public function isVirtual(bool $isVirtual, \WC_Product $product): bool
{
if ($product->is_type('licensed')) {
if ($this->isLicensedProductOrVariation($product)) {
return true;
}
return $isVirtual;
}
/**
* Enqueue frontend styles for licensed products on single product pages
* Enqueue frontend styles and scripts for licensed products on single product pages
*/
public function enqueueFrontendStyles(): void
{
@@ -253,7 +398,7 @@ final class LicensedProductType
global $product;
if (!$product || !$product->is_type('licensed')) {
if (!$product || (!$product->is_type('licensed') && !$product->is_type('licensed-variable'))) {
return;
}
@@ -263,6 +408,11 @@ final class LicensedProductType
[],
WC_LICENSED_PRODUCT_VERSION
);
// For licensed-variable products, enqueue WooCommerce variation scripts
if ($product->is_type('licensed-variable')) {
wp_enqueue_script('wc-add-to-cart-variation');
}
}
/**
@@ -272,11 +422,11 @@ final class LicensedProductType
{
global $product;
if (!$product || !$product->is_type('licensed')) {
if (!$product || (!$product->is_type('licensed') && !$product->is_type('licensed-variable'))) {
return;
}
/** @var LicensedProduct $product */
/** @var LicensedProduct|LicensedVariableProduct $product */
$version = $product->get_current_version();
if (empty($version)) {
@@ -289,4 +439,277 @@ final class LicensedProductType
esc_html($version)
);
}
/**
* Add to cart template for variable licensed products
* This mirrors WooCommerce's woocommerce_variable_add_to_cart() function
*/
public function variableAddToCartTemplate(): void
{
global $product;
// The hook woocommerce_licensed-variable_add_to_cart only fires for this product type
// so we just need to verify the product exists
if (!$product) {
return;
}
// Ensure we're working with a product that has variable product methods
// Re-load the product to ensure we get the correct class instance
$productId = $product->get_id();
$variableProduct = wc_get_product($productId);
if (!$variableProduct || !method_exists($variableProduct, 'get_variation_attributes')) {
// Fallback to simple add to cart if not a variable product
wc_get_template('single-product/add-to-cart/simple.php');
return;
}
// Update global $product to use the correctly loaded instance
// This ensures the template has the right product type
$product = $variableProduct;
// Get variations count to determine if we should load them via AJAX
$children = $variableProduct->get_children();
$getVariations = count($children) <= apply_filters('woocommerce_ajax_variation_threshold', 30, $variableProduct);
// Get template variables - WooCommerce expects these to be set
$availableVariations = $getVariations ? $variableProduct->get_available_variations() : false;
$attributes = $variableProduct->get_variation_attributes();
$selectedAttributes = $variableProduct->get_default_attributes();
// Ensure arrays (WooCommerce template expects arrays, not null)
if (!is_array($attributes)) {
$attributes = [];
}
if (!is_array($selectedAttributes)) {
$selectedAttributes = [];
}
wc_get_template(
'single-product/add-to-cart/variable.php',
[
'available_variations' => $availableVariations,
'attributes' => $attributes,
'selected_attributes' => $selectedAttributes,
]
);
}
/**
* Add variation options (checkboxes next to variation header)
*/
public function addVariationOptions(int $loop, array $variationData, \WP_Post $variation): void
{
// Check if parent is licensed-variable
$parentId = $variation->post_parent;
$parentProduct = wc_get_product($parentId);
if (!$parentProduct || !$parentProduct->is_type('licensed-variable')) {
return;
}
$isVirtual = get_post_meta($variation->ID, '_virtual', true);
?>
<label class="tips" data-tip="<?php esc_attr_e('Licensed products are always virtual', 'wc-licensed-product'); ?>">
<input type="checkbox" class="checkbox" disabled checked />
<?php esc_html_e('Virtual', 'wc-licensed-product'); ?>
</label>
<?php
}
/**
* Add variation fields for license settings
*/
public function addVariationFields(int $loop, array $variationData, \WP_Post $variation): void
{
// Check if parent is licensed-variable
$parentId = $variation->post_parent;
$parentProduct = wc_get_product($parentId);
if (!$parentProduct || !$parentProduct->is_type('licensed-variable')) {
return;
}
// Get variation values
$validityDays = get_post_meta($variation->ID, '_licensed_validity_days', true);
$maxActivations = get_post_meta($variation->ID, '_licensed_max_activations', true);
// Get parent defaults for placeholder
$parentValidityDays = $parentProduct->get_validity_days();
$parentMaxActivations = $parentProduct->get_max_activations();
$parentValidityDisplay = $parentValidityDays !== null
? sprintf(__('%d days', 'wc-licensed-product'), $parentValidityDays)
: __('Lifetime', 'wc-licensed-product');
?>
<div class="wclp-variation-license-settings">
<p class="form-row form-row-first">
<label><?php esc_html_e('License Duration (Days)', 'wc-licensed-product'); ?></label>
<input type="number"
name="wclp_validity_days[<?php echo esc_attr($loop); ?>]"
class="short"
min="0"
step="1"
placeholder="<?php echo esc_attr($parentValidityDisplay); ?>"
value="<?php echo esc_attr($validityDays); ?>"
/>
<span class="description"><?php esc_html_e('Leave empty for parent default. 0 = Lifetime.', 'wc-licensed-product'); ?></span>
</p>
<p class="form-row form-row-last">
<label><?php esc_html_e('Max Activations', 'wc-licensed-product'); ?></label>
<input type="number"
name="wclp_max_activations[<?php echo esc_attr($loop); ?>]"
class="short"
min="1"
step="1"
placeholder="<?php echo esc_attr($parentMaxActivations); ?>"
value="<?php echo esc_attr($maxActivations); ?>"
/>
<span class="description"><?php esc_html_e('Leave empty for parent default.', 'wc-licensed-product'); ?></span>
</p>
</div>
<style>
.wclp-variation-license-settings {
background: #f8f8f8;
border: 1px solid #e5e5e5;
padding: 10px;
margin: 10px 0;
border-radius: 4px;
}
.wclp-variation-license-settings .description {
display: block;
font-style: italic;
color: #666;
margin-top: 4px;
}
</style>
<?php
}
/**
* Save variation fields
*/
public function saveVariationFields(int $variationId, int $loop): void
{
// Check if parent is licensed-variable
$variation = wc_get_product($variationId);
if (!$variation) {
return;
}
$parentProduct = wc_get_product($variation->get_parent_id());
if (!$parentProduct || !$parentProduct->is_type('licensed-variable')) {
return;
}
// Save validity days
// phpcs:ignore WordPress.Security.NonceVerification.Missing -- Nonce is verified by WooCommerce
if (isset($_POST['wclp_validity_days'][$loop])) {
// phpcs:ignore WordPress.Security.NonceVerification.Missing
$validityDays = sanitize_text_field($_POST['wclp_validity_days'][$loop]);
if ($validityDays !== '') {
update_post_meta($variationId, '_licensed_validity_days', absint($validityDays));
} else {
delete_post_meta($variationId, '_licensed_validity_days');
}
}
// Save max activations
// phpcs:ignore WordPress.Security.NonceVerification.Missing
if (isset($_POST['wclp_max_activations'][$loop])) {
// phpcs:ignore WordPress.Security.NonceVerification.Missing
$maxActivations = sanitize_text_field($_POST['wclp_max_activations'][$loop]);
if ($maxActivations !== '') {
update_post_meta($variationId, '_licensed_max_activations', absint($maxActivations));
} else {
delete_post_meta($variationId, '_licensed_max_activations');
}
}
// Set variation as virtual (licensed products are always virtual)
update_post_meta($variationId, '_virtual', 'yes');
}
/**
* Add JavaScript for licensed product types in admin
* Handles visibility of License Settings tab and Product Versions meta box
*/
public function addVariableProductScripts(): void
{
global $post, $pagenow;
if ($pagenow !== 'post.php' && $pagenow !== 'post-new.php') {
return;
}
if (!$post || get_post_type($post) !== 'product') {
return;
}
?>
<script type="text/javascript">
jQuery(document).ready(function($) {
// Handle our custom License Settings tab, Product Versions meta box,
// and show_if_licensed-variable elements
function toggleOurElements() {
var productType = $('#product-type').val();
var isLicensed = productType === 'licensed';
var isLicensedVariable = productType === 'licensed-variable';
// License Settings tab - use CSS class for visibility
var $licenseTab = $('li.licensed_product_options');
if (isLicensed || isLicensedVariable) {
$licenseTab.addClass('wclp-active');
} else {
$licenseTab.removeClass('wclp-active');
// If License Settings panel is active, switch to General tab
if ($('#licensed_product_data').is(':visible')) {
$('li.general_options a').trigger('click');
}
}
// Product Versions meta box
var $metaBox = $('#wc_licensed_product_versions');
if (isLicensed || isLicensedVariable) {
$metaBox.css('display', '');
} else {
$metaBox.css('display', 'none');
}
// Handle show_if_licensed-variable elements (like Variations tab)
// WooCommerce doesn't know about our custom product types
if (isLicensedVariable) {
$('.show_if_licensed-variable').show();
// Also show elements that should be visible for variable products
// since licensed-variable is a variable product type
$('.show_if_variable').show();
$('.hide_if_variable').hide();
} else {
// Let WooCommerce handle show_if_variable elements
// We only need to hide our custom class when not licensed-variable
// Don't hide show_if_licensed-variable when it's licensed (simple)
if (!isLicensed) {
$('.show_if_licensed-variable').not('.show_if_licensed').hide();
}
}
}
// Initial setup - run after WooCommerce has initialized
setTimeout(toggleOurElements, 10);
// On product type change - run after WooCommerce has processed
$('#product-type').on('change', function() {
setTimeout(toggleOurElements, 100);
});
// Re-apply after WooCommerce AJAX operations
$(document).on('woocommerce_variations_loaded woocommerce_variations_added woocommerce_variations_saved', function() {
setTimeout(toggleOurElements, 10);
});
});
</script>
<?php
}
}

251
src/Product/LicensedProductVariation.php Normal file
View File

@@ -0,0 +1,251 @@
<?php
/**
* Licensed Product Variation Class
*
* @package Jeremias\WcLicensedProduct\Product
*/
declare(strict_types=1);
namespace Jeremias\WcLicensedProduct\Product;
use Jeremias\WcLicensedProduct\Admin\SettingsController;
use WC_Product_Variation;
/**
* Licensed Product Variation type extending WooCommerce Product Variation
*
* Each variation can have its own license duration settings.
*/
class LicensedProductVariation extends WC_Product_Variation
{
/**
* Constructor
*/
public function __construct($product = 0)
{
parent::__construct($product);
}
/**
* Licensed products are always virtual
*/
public function is_virtual(): bool
{
return true;
}
/**
* Licensed products are always in stock (virtual, no inventory)
*/
public function is_in_stock(): bool
{
return true;
}
/**
* Get availability - empty for licensed products (no stock indicator)
*/
public function get_availability(): array
{
return [
'availability' => '',
'class' => '',
];
}
/**
* Don't manage stock for licensed products
*/
public function managing_stock(): bool
{
return false;
}
/**
* Check if variation is purchasable
* Override to handle custom parent product type
*/
public function is_purchasable(): bool
{
// Check if variation exists
if (!$this->exists()) {
return false;
}
// Check parent product status
$parentId = $this->get_parent_id();
$parentStatus = get_post_status($parentId);
if ($parentStatus !== 'publish' && !current_user_can('edit_post', $parentId)) {
return false;
}
// Check if variation has a price
$price = $this->get_price();
if ($price === '' || $price === null) {
return false;
}
return apply_filters('woocommerce_variation_is_purchasable', true, $this);
}
/**
* Get max activations for this variation
* Falls back to parent product, then to default settings
*/
public function get_max_activations(): int
{
// Check variation-specific setting first
$value = $this->get_meta('_licensed_max_activations', true);
if ($value !== '' && $value !== null) {
return max(1, (int) $value);
}
// Fall back to parent product
$parent = wc_get_product($this->get_parent_id());
if ($parent && method_exists($parent, 'get_max_activations')) {
return $parent->get_max_activations();
}
return SettingsController::getDefaultMaxActivations();
}
/**
* Check if variation has custom max activations set
*/
public function has_custom_max_activations(): bool
{
$value = $this->get_meta('_licensed_max_activations', true);
return $value !== '' && $value !== null;
}
/**
* Get validity days for this variation
* This is the primary license setting that varies per variation
* Falls back to parent product, then to default settings
*/
public function get_validity_days(): ?int
{
// Check variation-specific setting first
$value = $this->get_meta('_licensed_validity_days', true);
if ($value !== '' && $value !== null) {
$days = (int) $value;
// 0 means lifetime
return $days > 0 ? $days : null;
}
// Fall back to parent product
$parent = wc_get_product($this->get_parent_id());
if ($parent && method_exists($parent, 'get_validity_days')) {
return $parent->get_validity_days();
}
return SettingsController::getDefaultValidityDays();
}
/**
* Check if variation has custom validity days set
*/
public function has_custom_validity_days(): bool
{
$value = $this->get_meta('_licensed_validity_days', true);
return $value !== '' && $value !== null;
}
/**
* Check if license should be bound to major version
* Falls back to parent product, then to default settings
*/
public function is_bound_to_version(): bool
{
// Check variation-specific setting first
$value = $this->get_meta('_licensed_bind_to_version', true);
if ($value !== '' && $value !== null) {
return $value === 'yes';
}
// Fall back to parent product
$parent = wc_get_product($this->get_parent_id());
if ($parent && method_exists($parent, 'is_bound_to_version')) {
return $parent->is_bound_to_version();
}
return SettingsController::getDefaultBindToVersion();
}
/**
* Check if variation has custom bind to version setting
*/
public function has_custom_bind_to_version(): bool
{
$value = $this->get_meta('_licensed_bind_to_version', true);
return $value !== '' && $value !== null;
}
/**
* Get the license duration label for display
*/
public function get_license_duration_label(): string
{
$days = $this->get_validity_days();
if ($days === null) {
return __('Lifetime', 'wc-licensed-product');
}
if ($days === 30) {
return __('Monthly', 'wc-licensed-product');
}
if ($days === 90) {
return __('Quarterly', 'wc-licensed-product');
}
if ($days === 365) {
return __('Yearly', 'wc-licensed-product');
}
return sprintf(
/* translators: %d: number of days */
_n('%d day', '%d days', $days, 'wc-licensed-product'),
$days
);
}
/**
* Get current software version from parent product
*/
public function get_current_version(): string
{
$parent = wc_get_product($this->get_parent_id());
if ($parent && method_exists($parent, 'get_current_version')) {
return $parent->get_current_version();
}
$versionManager = new VersionManager();
$latestVersion = $versionManager->getLatestVersion($this->get_parent_id());
return $latestVersion ? $latestVersion->getVersion() : '';
}
/**
* Get major version number from parent product
*/
public function get_major_version(): int
{
$parent = wc_get_product($this->get_parent_id());
if ($parent && method_exists($parent, 'get_major_version')) {
return $parent->get_major_version();
}
$versionManager = new VersionManager();
$latestVersion = $versionManager->getLatestVersion($this->get_parent_id());
if ($latestVersion) {
return $latestVersion->getMajorVersion();
}
return 1;
}
}

350
src/Product/LicensedVariableProduct.php Normal file
View File

@@ -0,0 +1,350 @@
<?php
/**
* Licensed Variable Product Class
*
* @package Jeremias\WcLicensedProduct\Product
*/
declare(strict_types=1);
namespace Jeremias\WcLicensedProduct\Product;
use Jeremias\WcLicensedProduct\Admin\SettingsController;
use WC_Product_Variable;
/**
* Licensed Variable Product type extending WooCommerce Variable Product
*
* This allows selling license subscriptions with different durations
* (e.g., monthly, yearly, lifetime) as product variations.
*/
class LicensedVariableProduct extends WC_Product_Variable
{
/**
* Product type
*/
protected $product_type = 'licensed-variable';
/**
* Constructor
*/
public function __construct($product = 0)
{
parent::__construct($product);
}
/**
* Get product type
*/
public function get_type(): string
{
return 'licensed-variable';
}
/**
* Check if product is of a certain type
* Override to return true for 'variable' as well, so WooCommerce internal
* checks pass (many methods in WC_Product_Variable check is_type('variable'))
*/
public function is_type($type): bool
{
if (is_array($type)) {
return in_array($this->get_type(), $type, true) || in_array('variable', $type, true);
}
return $this->get_type() === $type || 'variable' === $type;
}
/**
* Licensed products are always virtual
*/
public function is_virtual(): bool
{
return true;
}
/**
* Licensed variable products are purchasable if the parent check passes
* Variable products don't have a direct price - their variations do
*/
public function is_purchasable(): bool
{
// Use the parent WC_Product_Variable logic
// which checks exists() and status, not price
return parent::is_purchasable();
}
/**
* Licensed products are always in stock (virtual, no inventory)
*/
public function is_in_stock(): bool
{
return true;
}
/**
* Get children (variations) for this product
* Override because WC_Product_Variable::get_children() checks is_type('variable')
* which fails for our 'licensed-variable' type
*/
public function get_children($context = 'view'): array
{
if (!$this->get_id()) {
return [];
}
// Query variations directly from database since WooCommerce's data store
// doesn't work properly with custom variable product types
global $wpdb;
$children = $wpdb->get_col($wpdb->prepare(
"SELECT ID FROM {$wpdb->posts}
WHERE post_parent = %d
AND post_type = 'product_variation'
AND post_status IN ('publish', 'private')
ORDER BY menu_order ASC, ID ASC",
$this->get_id()
));
$children = array_map('intval', $children);
if ('view' === $context) {
$children = apply_filters('woocommerce_get_children', $children, $this, false);
}
return is_array($children) ? $children : [];
}
/**
* Get variation attributes for this product
* Override because WC_Product_Variable uses data_store which doesn't work
* properly with custom variable product types
*/
public function get_variation_attributes(): array
{
$attributes = $this->get_attributes();
if (!$attributes || !is_array($attributes)) {
return [];
}
$variation_attributes = [];
foreach ($attributes as $attribute) {
// For WC_Product_Attribute objects
if ($attribute instanceof \WC_Product_Attribute) {
if ($attribute->get_variation()) {
$attribute_name = $attribute->get_name();
// For taxonomy attributes, get term slugs
if ($attribute->is_taxonomy()) {
$attribute_terms = wc_get_product_terms(
$this->get_id(),
$attribute_name,
['fields' => 'slugs']
);
$variation_attributes[$attribute_name] = $attribute_terms;
} else {
// For custom attributes, get options directly
$variation_attributes[$attribute_name] = $attribute->get_options();
}
}
}
// For array-based attributes (older format)
elseif (is_array($attribute) && !empty($attribute['is_variation'])) {
$attribute_name = $attribute['name'];
$values = isset($attribute['value']) ? explode('|', $attribute['value']) : [];
$variation_attributes[$attribute_name] = array_map('trim', $values);
}
}
return $variation_attributes;
}
/**
* Get variation prices (regular, sale, and final prices)
* Override because WC_Product_Variable uses data_store which doesn't work
* properly with custom variable product types
*/
public function get_variation_prices($for_display = false): array
{
$children = $this->get_children();
if (empty($children)) {
return [
'price' => [],
'regular_price' => [],
'sale_price' => [],
];
}
$prices = [
'price' => [],
'regular_price' => [],
'sale_price' => [],
];
foreach ($children as $child_id) {
$variation = wc_get_product($child_id);
if ($variation) {
$price = $variation->get_price();
$regular_price = $variation->get_regular_price();
$sale_price = $variation->get_sale_price();
if ('' !== $price) {
$prices['price'][$child_id] = $price;
}
if ('' !== $regular_price) {
$prices['regular_price'][$child_id] = $regular_price;
}
if ('' !== $sale_price) {
$prices['sale_price'][$child_id] = $sale_price;
}
}
}
// Sort prices
asort($prices['price']);
asort($prices['regular_price']);
asort($prices['sale_price']);
$this->prices_array = $prices;
return $this->prices_array;
}
/**
* Get available variations for this product
* Override because WC_Product_Variable uses data_store which doesn't work
* properly with custom variable product types
*/
public function get_available_variations($return = 'array')
{
$children = $this->get_children();
$available_variations = [];
foreach ($children as $child_id) {
$variation = wc_get_product($child_id);
if (!$variation) {
continue;
}
// Check if variation should be available
if (!$variation->exists()) {
continue;
}
// Check if purchasable (has price)
if (!$variation->is_purchasable()) {
continue;
}
// Build variation data
if ($return === 'array') {
$variationData = $this->get_available_variation($variation);
// Override availability_html to be empty for licensed products
$variationData['availability_html'] = '';
$available_variations[] = $variationData;
} else {
$available_variations[] = $variation;
}
}
if ($return === 'array') {
$available_variations = array_values(array_filter($available_variations));
}
return $available_variations;
}
/**
* Get max activations for this product (parent default)
* Falls back to default settings if not set on product
*/
public function get_max_activations(): int
{
$value = $this->get_meta('_licensed_max_activations', true);
if ($value !== '' && $value !== null) {
return max(1, (int) $value);
}
return SettingsController::getDefaultMaxActivations();
}
/**
* Check if product has custom max activations set
*/
public function has_custom_max_activations(): bool
{
$value = $this->get_meta('_licensed_max_activations', true);
return $value !== '' && $value !== null;
}
/**
* Get validity days (parent default - variations override this)
* Falls back to default settings if not set on product
*/
public function get_validity_days(): ?int
{
$value = $this->get_meta('_licensed_validity_days', true);
if ($value !== '' && $value !== null) {
return (int) $value > 0 ? (int) $value : null;
}
return SettingsController::getDefaultValidityDays();
}
/**
* Check if product has custom validity days set
*/
public function has_custom_validity_days(): bool
{
$value = $this->get_meta('_licensed_validity_days', true);
return $value !== '' && $value !== null;
}
/**
* Check if license should be bound to major version
* Falls back to default settings if not set on product
*/
public function is_bound_to_version(): bool
{
$value = $this->get_meta('_licensed_bind_to_version', true);
if ($value !== '' && $value !== null) {
return $value === 'yes';
}
return SettingsController::getDefaultBindToVersion();
}
/**
* Check if product has custom bind to version setting
*/
public function has_custom_bind_to_version(): bool
{
$value = $this->get_meta('_licensed_bind_to_version', true);
return $value !== '' && $value !== null;
}
/**
* Get current software version (derived from latest product version)
*/
public function get_current_version(): string
{
$versionManager = new VersionManager();
$latestVersion = $versionManager->getLatestVersion($this->get_id());
return $latestVersion ? $latestVersion->getVersion() : '';
}
/**
* Get major version number from version string
*/
public function get_major_version(): int
{
$versionManager = new VersionManager();
$latestVersion = $versionManager->getLatestVersion($this->get_id());
if ($latestVersion) {
return $latestVersion->getMajorVersion();
}
return 1;
}
}

417
src/Update/PluginUpdateChecker.php Normal file
View File

@@ -0,0 +1,417 @@
<?php
/**
* Plugin Update Checker
*
* Checks for plugin updates from the configured license server.
*
* @package Jeremias\WcLicensedProduct\Update
*/
declare(strict_types=1);
namespace Jeremias\WcLicensedProduct\Update;
use Jeremias\WcLicensedProduct\License\PluginLicenseChecker;
use Symfony\Component\HttpClient\HttpClient;
/**
* Handles checking for plugin updates from the license server
*
* This class hooks into WordPress's native plugin update system to check for
* updates from the configured license server. It validates the license and
* provides download authentication.
*/
final class PluginUpdateChecker
{
/**
* Cache key for update info
*/
private const CACHE_KEY = 'wclp_update_info';
/**
* Default cache TTL (12 hours)
*/
private const DEFAULT_CACHE_TTL = 43200;
/**
* Singleton instance
*/
private static ?self $instance = null;
/**
* Plugin slug
*/
private string $pluginSlug;
/**
* Plugin basename (slug/slug.php)
*/
private string $pluginBasename;
/**
* Get singleton instance
*/
public static function getInstance(): self
{
if (self::$instance === null) {
self::$instance = new self();
}
return self::$instance;
}
/**
* Private constructor for singleton
*/
private function __construct()
{
$this->pluginSlug = 'wc-licensed-product';
$this->pluginBasename = WC_LICENSED_PRODUCT_PLUGIN_BASENAME;
}
/**
* Register WordPress hooks for update checking
*/
public function register(): void
{
// Skip if auto-updates are disabled
if ($this->isAutoUpdateDisabled()) {
return;
}
// Check for updates
add_filter('pre_set_site_transient_update_plugins', [$this, 'checkForUpdates']);
// Provide plugin information for the update modal
add_filter('plugins_api', [$this, 'getPluginInfo'], 10, 3);
// Add authentication headers to download requests
add_filter('http_request_args', [$this, 'addAuthHeaders'], 10, 2);
// Clear cache on settings save
add_action('update_option_wc_licensed_product_plugin_license_key', [$this, 'clearCache']);
add_action('update_option_wc_licensed_product_plugin_license_server_url', [$this, 'clearCache']);
}
/**
* Check if auto-updates are disabled
*/
private function isAutoUpdateDisabled(): bool
{
// Check constant
if (defined('WC_LICENSE_DISABLE_AUTO_UPDATE') && WC_LICENSE_DISABLE_AUTO_UPDATE) {
return true;
}
// Check setting
$enabled = get_option('wc_licensed_product_plugin_auto_update_enabled', 'yes');
return $enabled !== 'yes';
}
/**
* Check for plugin updates
*
* @param object $transient The update_plugins transient
* @return object Modified transient
*/
public function checkForUpdates($transient)
{
if (empty($transient->checked)) {
return $transient;
}
// Get cached update info or fetch fresh
$updateInfo = $this->getUpdateInfo();
if (!$updateInfo || !isset($updateInfo['update_available']) || !$updateInfo['update_available']) {
return $transient;
}
// Compare versions
$currentVersion = $transient->checked[$this->pluginBasename] ?? WC_LICENSED_PRODUCT_VERSION;
if (version_compare($updateInfo['version'], $currentVersion, '>')) {
$transient->response[$this->pluginBasename] = $this->buildUpdateObject($updateInfo);
}
return $transient;
}
/**
* Get plugin information for the update modal
*
* @param false|object|array $result The result object or array
* @param string $action The API action
* @param object $args Request arguments
* @return false|object
*/
public function getPluginInfo($result, string $action, object $args)
{
if ($action !== 'plugin_information') {
return $result;
}
if (!isset($args->slug) || $args->slug !== $this->pluginSlug) {
return $result;
}
// Get update info
$updateInfo = $this->getUpdateInfo(true);
if (!$updateInfo) {
return $result;
}
return $this->buildPluginInfoObject($updateInfo);
}
/**
* Add authentication headers to download requests
*
* @param array $args HTTP request arguments
* @param string $url Request URL
* @return array Modified arguments
*/
public function addAuthHeaders(array $args, string $url): array
{
// Only modify requests to our license server
$serverUrl = $this->getLicenseServerUrl();
if (empty($serverUrl) || strpos($url, parse_url($serverUrl, PHP_URL_HOST)) === false) {
return $args;
}
// Only modify download requests
if (strpos($url, 'license-download') === false) {
return $args;
}
// Add license key to headers for potential server-side verification
$licenseKey = $this->getLicenseKey();
if (!empty($licenseKey)) {
$args['headers']['X-License-Key'] = $licenseKey;
}
return $args;
}
/**
* Get update info from cache or server
*
* @param bool $forceRefresh Force refresh from server
* @return array|null Update info or null if unavailable
*/
public function getUpdateInfo(bool $forceRefresh = false): ?array
{
// Check cache unless force refresh
if (!$forceRefresh) {
$cached = get_transient(self::CACHE_KEY);
if ($cached !== false) {
return $cached;
}
}
// Fetch from server
$updateInfo = $this->fetchUpdateInfo();
if ($updateInfo) {
// Cache the result
$cacheTtl = $this->getCacheTtl();
set_transient(self::CACHE_KEY, $updateInfo, $cacheTtl);
}
return $updateInfo;
}
/**
* Fetch update info from the license server
*/
private function fetchUpdateInfo(): ?array
{
$serverUrl = $this->getLicenseServerUrl();
$licenseKey = $this->getLicenseKey();
if (empty($serverUrl) || empty($licenseKey)) {
return null;
}
try {
$httpClient = HttpClient::create([
'timeout' => 15,
'verify_peer' => true,
]);
$updateCheckUrl = rtrim($serverUrl, '/') . '/wp-json/wc-licensed-product/v1/update-check';
$response = $httpClient->request('POST', $updateCheckUrl, [
'json' => [
'license_key' => $licenseKey,
'domain' => $this->getCurrentDomain(),
'plugin_slug' => $this->pluginSlug,
'current_version' => WC_LICENSED_PRODUCT_VERSION,
],
]);
if ($response->getStatusCode() !== 200) {
return null;
}
$data = $response->toArray();
// Verify response structure
if (!isset($data['success']) || !$data['success']) {
return null;
}
return $data;
} catch (\Throwable $e) {
// Log error but don't break the site
if (defined('WP_DEBUG') && WP_DEBUG) {
error_log('WC Licensed Product: Update check failed - ' . $e->getMessage());
}
return null;
}
}
/**
* Build WordPress update object for transient
*/
private function buildUpdateObject(array $updateInfo): object
{
$update = new \stdClass();
$update->id = $this->pluginSlug;
$update->slug = $updateInfo['slug'] ?? $this->pluginSlug;
$update->plugin = $this->pluginBasename;
$update->new_version = $updateInfo['version'];
$update->url = $updateInfo['homepage'] ?? '';
$update->package = $updateInfo['download_url'] ?? $updateInfo['package'] ?? '';
if (isset($updateInfo['tested'])) {
$update->tested = $updateInfo['tested'];
}
if (isset($updateInfo['requires'])) {
$update->requires = $updateInfo['requires'];
}
if (isset($updateInfo['requires_php'])) {
$update->requires_php = $updateInfo['requires_php'];
}
if (isset($updateInfo['icons'])) {
$update->icons = $updateInfo['icons'];
}
return $update;
}
/**
* Build plugin info object for plugins_api
*/
private function buildPluginInfoObject(array $updateInfo): object
{
$info = new \stdClass();
$info->name = $updateInfo['name'] ?? 'WC Licensed Product';
$info->slug = $updateInfo['slug'] ?? $this->pluginSlug;
$info->version = $updateInfo['version'];
$info->author = '<a href="https://src.bundespruefstelle.ch/magdev">Marco Graetsch</a>';
$info->homepage = $updateInfo['homepage'] ?? '';
$info->requires = $updateInfo['requires'] ?? '6.0';
$info->tested = $updateInfo['tested'] ?? '';
$info->requires_php = $updateInfo['requires_php'] ?? '8.3';
$info->downloaded = 0;
$info->last_updated = $updateInfo['last_updated'] ?? '';
$info->download_link = $updateInfo['download_url'] ?? $updateInfo['package'] ?? '';
// Sections for the modal
$info->sections = [];
if (isset($updateInfo['sections']['description'])) {
$info->sections['description'] = $updateInfo['sections']['description'];
} else {
$info->sections['description'] = __(
'WooCommerce plugin for selling licensed software products with domain-bound license keys.',
'wc-licensed-product'
);
}
if (isset($updateInfo['sections']['changelog']) || isset($updateInfo['changelog'])) {
$info->sections['changelog'] = $updateInfo['sections']['changelog'] ?? $updateInfo['changelog'];
}
// Banners and icons
if (isset($updateInfo['banners'])) {
$info->banners = $updateInfo['banners'];
}
if (isset($updateInfo['icons'])) {
$info->icons = $updateInfo['icons'];
}
return $info;
}
/**
* Clear the update cache
*/
public function clearCache(): void
{
delete_transient(self::CACHE_KEY);
}
/**
* Get cache TTL from settings or default
*/
private function getCacheTtl(): int
{
$hours = (int) get_option('wc_licensed_product_update_check_frequency', 12);
return max(1, $hours) * HOUR_IN_SECONDS;
}
/**
* Get the license server URL from settings
*/
private function getLicenseServerUrl(): string
{
// Check constant override first
if (defined('WC_LICENSE_UPDATE_CHECK_URL') && WC_LICENSE_UPDATE_CHECK_URL) {
return WC_LICENSE_UPDATE_CHECK_URL;
}
return (string) get_option('wc_licensed_product_plugin_license_server_url', '');
}
/**
* Get the license key from settings
*/
private function getLicenseKey(): string
{
return (string) get_option('wc_licensed_product_plugin_license_key', '');
}
/**
* Get the current domain from the site URL
*/
private function getCurrentDomain(): string
{
$siteUrl = get_site_url();
$parsed = parse_url($siteUrl);
$host = $parsed['host'] ?? 'localhost';
if (isset($parsed['port'])) {
$host .= ':' . $parsed['port'];
}
return strtolower($host);
}
/**
* Force an immediate update check
*
* Useful for admin interfaces where user clicks "Check for updates"
*/
public function forceUpdateCheck(): ?array
{
$this->clearCache();
return $this->getUpdateInfo(true);
}
}

4
wc-licensed-product.php
View File

@@ -3,7 +3,7 @@
* Plugin Name: WooCommerce Licensed Product
* Plugin URI: https://src.bundespruefstelle.ch/magdev/wc-licensed-product
* Description: WooCommerce plugin to sell software products using license keys with domain-based validation.
* Version: 0.5.2
* Version: 0.6.0
* Author: Marco Graetsch
* Author URI: https://src.bundespruefstelle.ch/magdev
* License: GPL-2.0-or-later
@@ -28,7 +28,7 @@ if (!defined('ABSPATH')) {
}
// Plugin constants
define('WC_LICENSED_PRODUCT_VERSION', '0.5.2');
define('WC_LICENSED_PRODUCT_VERSION', '0.6.0');
define('WC_LICENSED_PRODUCT_PLUGIN_FILE', __FILE__);
define('WC_LICENSED_PRODUCT_PLUGIN_DIR', plugin_dir_path(__FILE__));
define('WC_LICENSED_PRODUCT_PLUGIN_URL', plugin_dir_url(__FILE__));