From 7709544c54bdbba12ce075b57978e31a3d995d6c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lucas=20Garc=C3=ADa?= <lucas@codeccoop.org>
Date: Thu, 13 Nov 2025 20:39:18 +0100
Subject: [PATCH 1/5] feat: exclude package managers dev files from dist
 archive

---
 .distignore | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.distignore b/.distignore
index 84519f65..c4f986f7 100755
--- a/.distignore
+++ b/.distignore
@@ -23,11 +23,11 @@ behat.yml
 bitbucket-pipelines.yml
 bin
 .circleci/config.yml
-# composer.json
+composer.json
 composer.lock
 dependencies.yml
 Gruntfile.js
-# package.json
+package.json
 package-lock.json
 phpunit.xml
 phpunit.xml.dist

From 9cfb7ef7262ed18be0d55fc1cda9012161a6bb30 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lucas=20Garc=C3=ADa?= <lucas@codeccoop.org>
Date: Fri, 14 Nov 2025 01:07:55 +0100
Subject: [PATCH 2/5] feat: bearer credential authorization based on refresh
 and access token + expiration date

---
 src/components/Credential/AuthorizeButton.jsx  | 18 +++++++++++++++++-
 .../Wizard/useAuthorizedCredential.js          | 15 ++++++++++++++-
 2 files changed, 31 insertions(+), 2 deletions(-)

diff --git a/src/components/Credential/AuthorizeButton.jsx b/src/components/Credential/AuthorizeButton.jsx
index 74679b04..54ac47bd 100644
--- a/src/components/Credential/AuthorizeButton.jsx
+++ b/src/components/Credential/AuthorizeButton.jsx
@@ -3,6 +3,7 @@ import { useError } from "../../providers/Error";
 import { useFetchSettings } from "../../providers/Settings";
 import { restUrl } from "../../lib/utils";
 
+const { useMemo } = wp.element;
 const { Button } = wp.components;
 const apiFetch = wp.apiFetch;
 const { __ } = wp.i18n;
@@ -13,6 +14,21 @@ export default function AuthorizeButton({ addon, data }) {
 
   const fetchSettings = useFetchSettings();
 
+  const authorized = useMemo(() => {
+    if (!(data.access_token && data.expires_at)) return false;
+
+    if (data.refresh_token) {
+      return true;
+    }
+
+    let expirationDate = new Date(data.expires_at);
+    if (expirationDate.getFullYear() === 1970) {
+      expirationDate = new Date(data.expires_at * 1000);
+    }
+
+    return Date.now() < expirationDate.getTime();
+  }, [data.access_token, data.expires_at]);
+
   const revoke = () => {
     setLoading(true);
 
@@ -65,7 +81,7 @@ export default function AuthorizeButton({ addon, data }) {
       .finally(() => setLoading(false));
   };
 
-  if (data.refresh_token) {
+  if (authorized) {
     return (
       <Button
         onClick={revoke}
diff --git a/src/components/Templates/Wizard/useAuthorizedCredential.js b/src/components/Templates/Wizard/useAuthorizedCredential.js
index 58d8edb3..9b5b4ad9 100644
--- a/src/components/Templates/Wizard/useAuthorizedCredential.js
+++ b/src/components/Templates/Wizard/useAuthorizedCredential.js
@@ -66,7 +66,20 @@ export default function useAuthorizedCredential({ data = {}, fields = [] }) {
 
   const isOauth = data.schema === "Bearer";
 
-  const authorized = !isOauth || !!data.refresh_token;
+  const authorized = useMemo(() => {
+    if (!(isOauth && data.access_token && data.expires_at)) return false;
+
+    if (data.refresh_token) {
+      return true;
+    }
+
+    let expirationDate = new Date(data.expires_at);
+    if (expirationDate.getFullYear() === 1970) {
+      expirationDate = new Date(data.expires_at * 1000);
+    }
+
+    return Date.now() < expirationDate.getTime();
+  }, [isOauth, data.access_token, data.expires_at]);
 
   const fetchSettings = useFetchSettings();
   useEffect(() => {

From 51f4b54c57a2419d126a0b908d77a284e90a73c5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lucas=20Garc=C3=ADa?= <lucas@codeccoop.org>
Date: Fri, 14 Nov 2025 01:08:33 +0100
Subject: [PATCH 3/5] fix: remove misleading nextcloud login field description

---
 .../addons/nextcloud/class-nextcloud-addon.php     |  3 ++-
 .../nextcloud/class-nextcloud-form-bridge.php      |  2 +-
 forms-bridge/addons/nextcloud/hooks.php            | 14 +++++---------
 3 files changed, 8 insertions(+), 11 deletions(-)

diff --git a/forms-bridge/addons/nextcloud/class-nextcloud-addon.php b/forms-bridge/addons/nextcloud/class-nextcloud-addon.php
index d905a391..f2d88079 100644
--- a/forms-bridge/addons/nextcloud/class-nextcloud-addon.php
+++ b/forms-bridge/addons/nextcloud/class-nextcloud-addon.php
@@ -43,7 +43,8 @@ class Nextcloud_Addon extends Addon {
 	const BRIDGE = '\FORMS_BRIDGE\Nextcloud_Form_Bridge';
 
 	/**
-	 * Addon loader. Set up hooks to skip payload prunes if it comes from a nextcloud bridge.
+	 * Addon loader. Set up hooks to skip payload prunes if it comes from a
+	 * nextcloud bridge.
 	 */
 	public function load() {
 		parent::load();
diff --git a/forms-bridge/addons/nextcloud/class-nextcloud-form-bridge.php b/forms-bridge/addons/nextcloud/class-nextcloud-form-bridge.php
index f5245880..71d1093f 100644
--- a/forms-bridge/addons/nextcloud/class-nextcloud-form-bridge.php
+++ b/forms-bridge/addons/nextcloud/class-nextcloud-form-bridge.php
@@ -209,7 +209,7 @@ private function add_row( $payload ) {
 	}
 
 	/**
-	 * Submits submission to the backend.
+	 * Sends the payload to the backend.
 	 *
 	 * @param array $payload Submission data.
 	 * @param array $attachments Submission attachments.
diff --git a/forms-bridge/addons/nextcloud/hooks.php b/forms-bridge/addons/nextcloud/hooks.php
index 0793fd4b..b5ba18bb 100644
--- a/forms-bridge/addons/nextcloud/hooks.php
+++ b/forms-bridge/addons/nextcloud/hooks.php
@@ -86,15 +86,11 @@ function ( $defaults, $addon, $schema ) {
 						'value' => 'Basic',
 					),
 					array(
-						'ref'         => '#credential',
-						'name'        => 'client_id',
-						'label'       => __( 'User login', 'forms-bridge' ),
-						'description' => __(
-							'Either, a user name or email',
-							'forms-bridge'
-						),
-						'type'        => 'text',
-						'required'    => true,
+						'ref'      => '#credential',
+						'name'     => 'client_id',
+						'label'    => __( 'User login', 'forms-bridge' ),
+						'type'     => 'text',
+						'required' => true,
 					),
 					array(
 						'ref'      => '#credential',

From f2c6e0d2d8f228e8022f3ab13e6e1b07b1b0e8d2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lucas=20Garc=C3=ADa?= <lucas@codeccoop.org>
Date: Fri, 14 Nov 2025 01:09:17 +0100
Subject: [PATCH 4/5] feat: gsheets addon php docs

---
 .../addons/gsheets/class-gsheets-addon.php    | 14 +++-
 .../gsheets/class-gsheets-form-bridge.php     | 64 +++++++++++++++++--
 forms-bridge/addons/gsheets/hooks.php         | 11 +++-
 forms-bridge/deps/http                        |  2 +-
 4 files changed, 80 insertions(+), 11 deletions(-)

diff --git a/forms-bridge/addons/gsheets/class-gsheets-addon.php b/forms-bridge/addons/gsheets/class-gsheets-addon.php
index eafc1859..16937aa3 100644
--- a/forms-bridge/addons/gsheets/class-gsheets-addon.php
+++ b/forms-bridge/addons/gsheets/class-gsheets-addon.php
@@ -1,8 +1,14 @@
 <?php
+/**
+ * Class Google_Sheets_Addon
+ *
+ * @package formsbridge
+ */
 
 namespace FORMS_BRIDGE;
 
 use FBAPI;
+use WP_Error;
 
 if ( ! defined( 'ABSPATH' ) ) {
 	exit();
@@ -37,13 +43,17 @@ class Google_Sheets_Addon extends Addon {
 	 */
 	const BRIDGE = '\FORMS_BRIDGE\Google_Sheets_Form_Bridge';
 
+	/**
+	 * Addon loader. Set up hooks to skip payload prunes if it comes from a
+	 * google sheets bridge.
+	 */
 	public function load() {
 		parent::load();
 
 		add_filter(
 			'forms_bridge_prune_empties',
 			static function ( $prune, $bridge ) {
-				if ( $bridge->addon === 'gsheets' ) {
+				if ( 'gsheets' === $bridge->addon ) {
 					return false;
 				}
 
@@ -85,7 +95,7 @@ public function ping( $backend ) {
 		$parsed = wp_parse_url( $backend->base_url );
 		$host   = $parsed['host'] ?? '';
 
-		if ( $host !== 'sheets.googleapis.com' ) {
+		if ( 'sheets.googleapis.com' !== $host ) {
 			return false;
 		}
 
diff --git a/forms-bridge/addons/gsheets/class-gsheets-form-bridge.php b/forms-bridge/addons/gsheets/class-gsheets-form-bridge.php
index 0b216cff..00048077 100644
--- a/forms-bridge/addons/gsheets/class-gsheets-form-bridge.php
+++ b/forms-bridge/addons/gsheets/class-gsheets-form-bridge.php
@@ -1,4 +1,9 @@
 <?php
+/**
+ * Class Google_Sheets_Form_Bridge
+ *
+ * @package formsbridge
+ */
 
 namespace FORMS_BRIDGE;
 
@@ -13,10 +18,24 @@
  */
 class Google_Sheets_Form_Bridge extends Form_Bridge {
 
+	/**
+	 * Bridge constructor with addon name provisioning.
+	 *
+	 * @param array $data Bridge data.
+	 */
 	public function __construct( $data ) {
 		parent::__construct( $data, 'gsheets' );
 	}
 
+	/**
+	 * Given an array of values returns a value range descriptor.
+	 *
+	 * @param array $values Array of values.
+	 *
+	 * @return string
+	 *
+	 * @deprecated
+	 */
 	private function value_range( $values ) {
 		$range = rawurlencode( $this->tab );
 
@@ -29,12 +48,15 @@ private function value_range( $values ) {
 		$len = strlen( $abc );
 
 		$columns = array();
-		for ( $row = 0; $row < count( $values ); $row++ ) {
+
+		$rows = count( $values );
+		for ( $row = 0; $row < $rows; $row++ ) {
 			$rowcols = array();
-			$i       = -1;
 
-			for ( $col = 0; $col < count( $values[ $row ] ); $col++ ) {
-				if ( $col > 0 && $col % $len === 0 ) {
+			$i    = -1;
+			$cols = count( $values[ $row ] );
+			for ( $col = 0; $col < $cols; $col++ ) {
+				if ( $col > 0 && 0 === $col % $len ) {
 					++$i;
 				}
 
@@ -57,6 +79,13 @@ private function value_range( $values ) {
 		return $range;
 	}
 
+	/**
+	 * Fetches the first row of the sheet and return it as an array of headers / columns.
+	 *
+	 * @param Backend|null $backend Bridge backend instance.
+	 *
+	 * @return array<string>
+	 */
 	public function get_headers( $backend = null ) {
 		if ( ! $this->is_valid ) {
 			return new WP_Error( 'invalid_bridge' );
@@ -77,6 +106,15 @@ public function get_headers( $backend = null ) {
 		return $response['data']['values'][0] ?? array();
 	}
 
+	/**
+	 * Creates a new sheet on the document.
+	 *
+	 * @param integer $index Position of the new sheet in the sheets list.
+	 * @param string  $title Sheet title.
+	 * @param Backend $backend Bridge backend instance.
+	 *
+	 * @return array|WP_Error Sheet data or creation error.
+	 */
 	private function add_sheet( $index, $title, $backend ) {
 		$response = $backend->post(
 			$this->endpoint . ':batchUpdate',
@@ -108,6 +146,13 @@ private function add_sheet( $index, $title, $backend ) {
 		return $response['data'];
 	}
 
+	/**
+	 * Request for the list of sheets of the document.
+	 *
+	 * @param Backend $backend Bridge backend instance.
+	 *
+	 * @return array<string>|WP_Error
+	 */
 	private function get_sheets( $backend ) {
 		$response = $backend->get( $this->endpoint );
 
@@ -124,6 +169,7 @@ private function get_sheets( $backend ) {
 	}
 
 	/**
+	 * Sends the payload to the backend.
 	 *
 	 * @param array $payload Submission data.
 	 * @param array $attachments Submission's attached files. Will be ignored.
@@ -152,7 +198,7 @@ public function submit( $payload = array(), $attachments = array() ) {
 		$endpoint = $this->endpoint . '/values/' . rawurlencode( $this->tab );
 		$method   = $this->method;
 
-		if ( $method === 'POST' || $method === 'PUT' ) {
+		if ( 'POST' === $method || 'PUT' === $method ) {
 			$endpoint .= '!A1:Z:append/?valueInputOption=USER_ENTERED';
 
 			$headers = $this->get_headers( $backend );
@@ -216,6 +262,14 @@ private static function flatten_payload( $payload, $path = '' ) {
 		return $flat;
 	}
 
+	/**
+	 * Returns array values as a flat vector of play key values.
+	 *
+	 * @param mixed  $value Payload value.
+	 * @param string $path Hierarchical path to the value.
+	 *
+	 * @return mixed
+	 */
 	private static function flatten_value( $value, $path = '' ) {
 		if ( ! is_array( $value ) ) {
 			return $value;
diff --git a/forms-bridge/addons/gsheets/hooks.php b/forms-bridge/addons/gsheets/hooks.php
index 35d7c754..58f0b689 100644
--- a/forms-bridge/addons/gsheets/hooks.php
+++ b/forms-bridge/addons/gsheets/hooks.php
@@ -1,4 +1,9 @@
 <?php
+/**
+ * Google Sheets addon hooks
+ *
+ * @package formsbridge
+ */
 
 if ( ! defined( 'ABSPATH' ) ) {
 	exit();
@@ -7,7 +12,7 @@
 add_filter(
 	'forms_bridge_bridge_schema',
 	function ( $schema, $addon ) {
-		if ( $addon !== 'gsheets' ) {
+		if ( 'gsheets' !== $addon ) {
 			return $schema;
 		}
 
@@ -36,7 +41,7 @@ function ( $schema, $addon ) {
 add_filter(
 	'forms_bridge_template_defaults',
 	function ( $defaults, $addon, $schema ) {
-		if ( $addon !== 'gsheets' ) {
+		if ( 'gsheets' !== $addon ) {
 			return $defaults;
 		}
 
@@ -183,7 +188,7 @@ function ( $url, $verb ) {
 			return $url;
 		}
 
-		if ( $verb === 'auth' ) {
+		if ( 'auth' === $verb ) {
 			return $url;
 		}
 
diff --git a/forms-bridge/deps/http b/forms-bridge/deps/http
index 71466126..5faf3f92 160000
--- a/forms-bridge/deps/http
+++ b/forms-bridge/deps/http
@@ -1 +1 @@
-Subproject commit 7146612614c8657ebf4d6c5b6fbf91d38d01250d
+Subproject commit 5faf3f92c48b38573dd45e34598c2de264f17c1c

From d9f786c29d42ff596b9d779726ce95e5592054d8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lucas=20Garc=C3=ADa?= <lucas@codeccoop.org>
Date: Fri, 14 Nov 2025 01:16:37 +0100
Subject: [PATCH 5/5] feat: deps updates

---
 forms-bridge/deps/http   | 2 +-
 forms-bridge/deps/plugin | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/forms-bridge/deps/http b/forms-bridge/deps/http
index 5faf3f92..25fbd7d0 160000
--- a/forms-bridge/deps/http
+++ b/forms-bridge/deps/http
@@ -1 +1 @@
-Subproject commit 5faf3f92c48b38573dd45e34598c2de264f17c1c
+Subproject commit 25fbd7d0aabcefd3b7db9b50709920d55dd5d058
diff --git a/forms-bridge/deps/plugin b/forms-bridge/deps/plugin
index cfbbf34c..bccdde34 160000
--- a/forms-bridge/deps/plugin
+++ b/forms-bridge/deps/plugin
@@ -1 +1 @@
-Subproject commit cfbbf34c2b5490f6e21e99d814bb89e87ddd7d26
+Subproject commit bccdde34a97aca13a5118e9e08222d0dd0a17129