Kit · n7studios · Dec 16, 2025 · Dec 12, 2025 · Dec 12, 2025 · Dec 12, 2025
diff --git a/composer.json b/composer.json
@@ -4,7 +4,7 @@
     "type": "project",
     "license": "GPLv3",
     "require": {
-        "convertkit/convertkit-wordpress-libraries": "2.1.2"
+        "convertkit/convertkit-wordpress-libraries": "dev-add-invalid-access-token-to-hook"
     },
     "require-dev": {
         "php-webdriver/webdriver": "^1.0",

diff --git a/includes/class-integrate-convertkit-wpforms-admin-notices.php b/includes/class-integrate-convertkit-wpforms-admin-notices.php
@@ -0,0 +1,223 @@
+<?php
+/**
+ * ConvertKit WPForms Admin Notices class.
+ *
+ * @package ConvertKit_WPForms
+ * @author ConvertKit
+ */
+
+/**
+ * Add and remove persistent error messages across all
+ * WordPress Administration screens.
+ *
+ * @package ConvertKit_WPForms
+ * @author ConvertKit
+ */
+class Integrate_ConvertKit_WPForms_Admin_Notices {
+
+	/**
+	 * Holds the class object.
+	 *
+	 * @since   1.8.9
+	 *
+	 * @var     object
+	 */
+	private static $instance;
+
+	/**
+	 * The key prefix to use for stored notices
+	 *
+	 * @since   1.8.9
+	 *
+	 * @var     string
+	 */
+	private $key_prefix = 'integrate-convertkit-wpforms-admin-notices';
+
+	/**
+	 * Register output function to display persistent notices
+	 * in the WordPress Administration, if any exist.
+	 *
+	 * @since   1.8.9
+	 */
+	public function __construct() {
+
+		add_action( 'admin_notices', array( $this, 'output' ) );
+
+	}
+
+	/**
+	 * Output persistent notices in the WordPress Administration
+	 *
+	 * @since   1.8.9
+	 */
+	public function output() {
+
+		// Don't output if we don't have the required capabilities to fix the issue.
+		if ( ! current_user_can( 'manage_options' ) ) {
+			return;
+		}
+
+		// Bail if no notices exist.
+		$notices = get_option( $this->key_prefix );
+		if ( ! $notices ) {
+			return;
+		}
+
+		// Output notices.
+		foreach ( $notices as $notice ) {
+			switch ( $notice ) {
+				case 'authorization_failed':
+					$output = sprintf(
+						'%s %s',
+						esc_html__( 'Kit for WPForms: Authorization failed. Please', 'integrate-convertkit-wpforms' ),
+						sprintf(
+							'<a href="%s">%s</a>',
+							esc_url( admin_url( 'admin.php?page=wpforms-settings&view=integrations' ) ),
+							esc_html__( 'reconnect your Kit account.', 'integrate-convertkit-wpforms' )
+						)
+					);
+					break;
+
+				default:
+					$output = '';
+
+					/**
+					 * Define the text to output in an admin error notice.
+					 *
+					 * @since   1.8.9
+					 *
+					 * @param   string  $notice     Admin notice name.
+					 */
+					$output = apply_filters( 'integrate_convertkit_wpforms_admin_notices_output_' . $notice, $output );
+					break;
+			}
+
+			// If no output defined, skip.
+			if ( empty( $output ) ) {
+				continue;
+			}
+			?>
+			<div class="notice notice-error">
+				<p>
+					<?php
+					echo wp_kses(
+						$output,
+						wp_kses_allowed_html( 'post' )
+					);
+					?>
+				</p>
+			</div>
+			<?php
+		}
+
+	}
+
+	/**
+	 * Add a persistent notice for output in the WordPress Administration.
+	 *
+	 * @since   1.8.9
+	 *
+	 * @param   string $notice     Notice name.
+	 * @return  bool                Notice saved successfully
+	 */
+	public function add( $notice ) {
+
+		// If no other persistent notices exist, add one now.
+		if ( ! $this->exist() ) {
+			return update_option( $this->key_prefix, array( $notice ) );
+		}
+
+		// Fetch existing persistent notices.
+		$notices = $this->get();
+
+		// Add notice to existing notices.
+		$notices[] = $notice;
+
+		// Remove any duplicate notices.
+		$notices = array_values( array_unique( $notices ) );
+
+		// Update and return.
+		return update_option( $this->key_prefix, $notices );
+
+	}
+
+	/**
+	 * Returns all notices stored in the options table.
+	 *
+	 * @since   1.8.9
+	 *
+	 * @return  array
+	 */
+	public function get() {
+
+		// Fetch all notices from the options table.
+		return get_option( $this->key_prefix );
+
+	}
+
+	/**
+	 * Whether any persistent notices are stored in the option table.
+	 *
+	 * @since   1.8.9
+	 *
+	 * @return  bool
+	 */
+	public function exist() {
+
+		if ( ! $this->get() ) {
+			return false;
+		}
+
+		return true;
+
+	}
+
+	/**
+	 * Delete all persistent notices.
+	 *
+	 * @since   1.8.9
+	 *
+	 * @param   string $notice     Notice name.
+	 * @return  bool                Success
+	 */
+	public function delete( $notice ) {
+
+		// If no persistent notices exist, there's nothing to delete.
+		if ( ! $this->exist() ) {
+			return false;
+		}
+
+		// Fetch existing persistent notices.
+		$notices = $this->get();
+
+		// Remove notice from existing notices.
+		$index = array_search( $notice, $notices, true );
+		if ( $index !== false ) {
+			unset( $notices[ $index ] );
+		}
+
+		// Update and return.
+		return update_option( $this->key_prefix, $notices );
+
+	}
+
+	/**
+	 * Returns the singleton instance of the class.
+	 *
+	 * @since   1.8.9
+	 *
+	 * @return  object Class.
+	 */
+	public static function get_instance() {
+
+		if ( null === self::$instance ) {
+			self::$instance = new self();
+		}
+
+		return self::$instance;
+
+	}
+
+}
+
+new Integrate_ConvertKit_WPForms_Admin_Notices();
diff --git a/includes/class-integrate-convertkit-wpforms-api.php b/includes/class-integrate-convertkit-wpforms-api.php
@@ -113,4 +113,17 @@ public function __construct( $client_id, $redirect_uri, $access_token = false, $
 
 	}
 
+	/**
+	 * Returns the access token.
+	 *
+	 * @since   1.8.9
+	 *
+	 * @return  string
+	 */
+	public function access_token() {
+
+		return $this->access_token;
+
+	}
+
 }
diff --git a/includes/class-integrate-convertkit-wpforms-resource.php b/includes/class-integrate-convertkit-wpforms-resource.php
@@ -14,6 +14,13 @@
  */
 class Integrate_ConvertKit_WPForms_Resource extends ConvertKit_Resource_V4 {
 
+	/**
+	 * The API class
+	 *
+	 * @var     bool|Integrate_ConvertKit_WPForms_API
+	 */
+	public $api = false;
+
 	/**
 	 * Constructor.
 	 *
@@ -33,8 +40,34 @@ public function __construct( $api_instance, $account_id = '' ) {
 			$this->settings_name .= '_' . $account_id;
 		}
 
-		// Call parent initialization function.
-		parent::init();
+		// Get last query time and existing resources.
+		$this->last_queried = get_option( $this->settings_name . '_last_queried' );
+		$this->resources    = get_option( $this->settings_name );
+
+	}
+
+	/**
+	 * Fetches resources (custom fields, forms, sequences or tags) from the API, storing them in the options table
+	 * with a last queried timestamp.
+	 *
+	 * If the refresh results in a 401, removes the access and refresh tokens from the connection.
+	 *
+	 * @since   1.8.9
+	 *
+	 * @return  WP_Error|array
+	 */
+	public function refresh() {
+
+		// Call parent refresh method.
+		$result = parent::refresh();
+
+		// If an error occured, maybe delete credentials from the Plugin's settings
+		// if the error is a 401 unauthorized.
+		if ( is_wp_error( $result ) ) {
+			integrate_convertkit_wpforms_maybe_delete_credentials( $result, INTEGRATE_CONVERTKIT_WPFORMS_OAUTH_CLIENT_ID, $this->api->access_token() );
+		}
+
+		return $result;
 
 	}