WooCommerce REST API Endpoints Not Being Cached with OAuth 1.0

  • emad63

    (@emad63)


    10 months, 3 weeks ago


    Hello,

    I'm currently using the WP REST Cache plugin alongside the WooCommerce REST API, and I'm encountering an issue where the /wc/v3/products and /wc/v3/products/categories endpoints are not being cached as expected.

    We are authenticating requests using OAuth 1.0, and even after forcing all OAuth query parameters to remain constant (e.g., hardcoding oauth_nonce, oauth_signature, etc.), the plugin still fails to cache the responses. Inside the plugin’s "Request Headers" tab, we consistently see:

    json
    Copy
    Edit
    {"authorization": null}
    This suggests the Authorization header is not being detected or passed correctly, even though we are using valid OAuth-signed requests.

    All the appropriate filters are in place (wp_rest_cache/allowed_endpoints, cacheable_request_headers, etc.), and a unique cache key is being generated, but the cache is still missed every time.

    Could you please advise on how to ensure the plugin recognizes OAuth 1.0 credentials and allows caching for these WooCommerce endpoints?

    Thank you!

    this my code 

    function wprc_add_wc_endpoints( $allowed_endpoints ) {

        if ( ! isset( $allowed_endpoints[ 'wc/v3' ] ) ) {

            $allowed_endpoints[ 'wc/v3' ] = [];

        }

        // Add WooCommerce API endpoints for caching

        $allowed_endpoints['wc/v3'][] = 'products';

        $allowed_endpoints['wc/v3'][] = 'products/categories';

        return $allowed_endpoints;

    }

    add_filter('wp_rest_cache/allowed_endpoints', 'wprc_add_wc_endpoints', 10, 1);

    // Add cacheable request headers for authorization

    function wprc_add_cacheable_request_headers( $cacheable_headers ) {

        $cacheable_headers['wc/v3/products'] = 'authorization';

        $cacheable_headers['wc/v3/products/categories'] = 'authorization'; // Ensure categories are also cached

        return $cacheable_headers;

    }

    add_filter('wp_rest_cache/cacheable_request_headers', 'wprc_add_cacheable_request_headers', 10, 1);

    // Determine object type for WooCommerce products, categories, and orders

    function wc_determine_object_type( $type, $cache_key, $data, $uri ) {

        if ( strpos( $uri, '/wp-json/wc/v3/products/categories' ) !== false ) {

            return 'product_cat';

        } elseif ( strpos( $uri, '/wp-json/wc/v3/products' ) !== false ) {

            return 'product';

        }

        return $type;

    }

    add_filter( 'wp_rest_cache/determine_object_type', 'wc_determine_object_type', 10, 4 );

    add_filter('wp_rest_cache/cache_query_params', function($cache_query_params, $request_uri) {

        if (strpos($request_uri, '/wc/v3/products/categories') !== false || strpos($request_uri, '/wc/v3/products') !== false) {

            $allowed_params = ['per_page', 'orderby', 'order', 'category', 'search', 'include', 'exclude', 'slug', 'status', 'stock_status', 'page'];

            if (!is_array($cache_query_params)) {

                $cache_query_params = [];

            }

            $cache_query_params = array_unique(array_merge($cache_query_params, $allowed_params));

        }

        return $cache_query_params;

    }, 10, 2);

    // Flush product and category cache on category changes

    function wc_flush_product_and_category_caches() {

        $caching = \WP_REST_Cache_Plugin\Includes\Caching\Caching::get_instance();

        // Flush both product and category caches

        $caching->delete_cache_by_endpoint( '/wp-json/wc/v3/products', \WP_REST_Cache_Plugin\Includes\Caching\Caching::FLUSH_LOOSE );

        $caching->delete_cache_by_endpoint( '/wp-json/wc/v3/products/categories', \WP_REST_Cache_Plugin\Includes\Caching\Caching::FLUSH_LOOSE );

    }

    add_action( 'created_product_cat', 'wc_flush_product_and_category_caches', 10 );

    add_action( 'edit_product_cat', 'wc_flush_product_and_category_caches', 10 );

    add_action( 'delete_product_cat', 'wc_flush_product_and_category_caches', 10 );

    add_action( 'save_post_product', 'wc_flush_product_and_category_caches', 10 ); // Clear cache on product updates
Viewing 1 replies (of 1 total)
  • Plugin Author Richard Korthuis

    (@rockfire)

    10 months, 3 weeks ago

    Hi @emad63

    Thank you for using our plugin!

    I just did a test on my local environnment using your code and it is working fine for me. The request is being cached (although in my situation the nonce, signature and timestamp aren’t constant, so each call is a new cache (not very useful)) and the Request Headers are saved correctly:
    {"authorization":"OAuth oauth_consumer_key=\"<MY_KEY>\",oauth_signature_method=\"HMAC-SHA1\",oauth_timestamp=\"1747049231\",oauth_nonce=\"<NONCE>\",oauth_version=\"1.0\",oauth_signature=\"<SIGNATURE>\""}

    I did my test using Postman and when using Oauth 1.0 it also offers the option to not add the authorization data to the headers, but to the request body/request url. Could it be your authorization data is added to the request url? If I select that option, the cache is saved with a request URI like this:
    /wp-json/wc/v3/products?oauth_consumer_key=<MY_KEY>&oauth_nonce=<NONCE>&oauth_signature=<SIGNATURE>&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1747049180&oauth_version=1.0

    I could make this work by adding the nonce, signature and timestamp to the uncached parameters like this:

    add_filter( 'wp_rest_cache/uncached_parameters', function( $parameters ) {
    	$parameters[] = 'oauth_timestamp';
    	$parameters[] = 'oauth_signature';
    	$parameters[] = 'oauth_nonce';
    	return $parameters;
    });

    In this case there is no need to add the authorization header to the cacheable request headers. But do keep in mind that when caching authorized calls, when the cache is retrieved no authorization checks are performed.

Viewing 1 replies (of 1 total)

The topic ‘WooCommerce REST API Endpoints Not Being Cached with OAuth 1.0’ is closed to new replies.