· 9 years ago · Aug 04, 2016, 09:54 AM
1https://github.com/themizzi/Custom-Magento-Rest-Api2
2https://www.magentocommerce.com/magento-connect/rest-api-oauth-direct-login-extension.html
3
4<?php
5class Custom_Restapi_Model_Api2_Restapi_Rest_Guest_V1 extends Custom_Restapi_Model_Api2_Restapi
6{
7
8 /**
9 * Create a customer
10 * @return array
11 */
12
13 public function _create(array $data) {
14
15 $firstName = $data['firstname'];
16 $lastName = $data['lastname'];
17 $email = $data['email'];
18 $password = $data['password'];
19
20 $customer = Mage::getModel("customer/customer");
21
22 $customer->setFirstname($firstName);
23 $customer->setLastname($lastName);
24 $customer->setEmail($email);
25 $customer->setPasswordHash(md5($password));
26 $customer->save();
27 //return json_encode(array("testing","Success"));
28 //return $customer->getId();
29
30 //return $this->_getLocation($customer);
31
32
33 $oauthConsumerKey='0167229419fcc5de3cfac3ff9062csdf402';
34 $oauthConsumerSecret='afba22feae63538e99s05399698sdfd621da';
35 $username=$email;
36 $password=$password;
37 $baseurl='http://localhost/my_magento/';
38 //initiate
39 $realm = $baseurl;
40 $endpointUrl = $realm."oauth/initiate";
41 $oauthCallback = $baseurl;
42 $oauthNonce = uniqid(mt_rand(1, 1000));
43 $oauthSignatureMethod = "HMAC-SHA1";
44 $oauthTimestamp = time();
45 $oauthVersion = "1.0";
46 $oauthMethod = "POST";
47
48
49 $params = array(
50 "oauth_callback" => $oauthCallback,
51 "oauth_consumer_key" => $oauthConsumerKey,
52 "oauth_nonce" => $oauthNonce,
53 "oauth_signature_method" => $oauthSignatureMethod,
54 "oauth_timestamp" => $oauthTimestamp,
55 "oauth_version" => $oauthVersion,
56 );
57 $data = http_build_query($params);
58
59 $encodedData = $oauthMethod."&".urlencode($endpointUrl)."&".urlencode($data);
60 $key = $oauthConsumerSecret."&";
61 $signature = hash_hmac("sha1",$encodedData, $key, 1);
62 $oauthSignature = base64_encode($signature);
63
64 $header = "Authorization: OAuth realm="$realm",";
65 foreach ($params as $key=>$value){
66 $header .= $key.'="'.$value."", ";
67 }
68 $header .= "oauth_signature="".$oauthSignature.'"';
69
70 $curl = curl_init();
71
72 curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
73 curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
74 curl_setopt($curl, CURLOPT_CUSTOMREQUEST, 'POST');
75 //curl_setopt($curl, CURLOPT_POST, true);
76 curl_setopt($curl, CURLOPT_HTTPHEADER, array($header));
77 curl_setopt($curl, CURLOPT_URL, $endpointUrl);
78
79 $response = curl_exec($curl);
80 curl_close($curl);
81
82 $response = explode('&',$response);
83 $key = explode('=',$response[0]);
84 $secret = explode('=',$response[1]);
85 $oauthkey = $key[1];
86 $oauthsecret = $secret[1];
87
88 //echo $oauthkey.' '.$oauthsecret."n";
89
90 //authorize
91
92 $url = $baseurl.'oauth/authorize?oauth_token='.$oauthkey.'&username='.$username.'&password='.$password;
93
94 $curl = curl_init();
95 $ch = curl_init();
96 curl_setopt($ch, CURLOPT_URL, $url);
97 curl_setopt($ch, CURLOPT_HEADER, true);
98 curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); // Must be set to true so that PHP follows any "Location:" header
99 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
100
101 $a = curl_exec($ch); // $a will contain all headers
102
103 $url = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
104 curl_close($ch);
105
106 $url = explode('&',$url);
107 $url = explode('=',$url[1]);
108 $verifier = $url[1];
109
110
111 //oauth access
112 $endpointUrl = $realm."oauth/token";
113 $params2 = array(
114 'oauth_consumer_key' => $oauthConsumerKey,
115 'oauth_nonce' => uniqid(mt_rand(1, 1000)),
116 'oauth_signature_method' => 'HMAC-SHA1',
117 'oauth_timestamp' => time(),
118 'oauth_version' => '1.0',
119 'oauth_token' => $oauthkey,
120 'oauth_verifier' => $verifier,
121 );
122
123 $method = 'POST';
124 // this is the url to get Request Token according to Magento doc
125 $url = $endpointUrl;
126
127 // start making the signature
128 ksort($params2); // @see Zend_Oauth_Signature_SignatureAbstract::_toByteValueOrderedQueryString() for more accurate sorting, including array params
129 $sortedParamsByKeyEncodedForm = array();
130 foreach ($params2 as $key => $value) {
131 $sortedParamsByKeyEncodedForm[] = rawurlencode($key) . '=' . rawurlencode($value);
132 }
133 $strParams = implode('&', $sortedParamsByKeyEncodedForm);
134 $signatureData = strtoupper($method) // HTTP method (POST/GET/PUT/...)
135 . '&'
136 . rawurlencode($url) // base resource url - without port & query params & anchors, @see how Zend extracts it in Zend_Oauth_Signature_SignatureAbstract::normaliseBaseSignatureUrl()
137 . '&'
138 . rawurlencode($strParams);
139
140 $key = rawurlencode($oauthConsumerSecret) . '&' . rawurlencode($oauthsecret);
141 $oauthSignature = base64_encode(hash_hmac('SHA1', $signatureData, $key, 1));
142
143 $header = "Authorization: OAuth realm="$realm",";
144 foreach ($params2 as $key=>$value){
145 $header .= $key.'="'.$value."", ";
146 }
147 $header .= "oauth_signature="".$oauthSignature.'"';
148
149 $curl = curl_init();
150
151 curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
152 curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
153 curl_setopt($curl, CURLOPT_CUSTOMREQUEST, 'POST');
154 //curl_setopt($curl, CURLOPT_POST, true);
155 curl_setopt($curl, CURLOPT_HTTPHEADER, array($header));
156 curl_setopt($curl, CURLOPT_URL, $endpointUrl);
157
158 $response = curl_exec($curl);
159 curl_close($curl);
160
161
162 $response = explode('&',$response);
163 $access_key = explode('=',$response[0]);
164 $access_key = $access_key[1];
165 $access_secret = explode('=',$response[1]);
166 $access_secret = $access_secret[1];
167
168
169 return $access_key.','.$access_secret;
170 //return "success";*/
171
172
173 }
174
175
176}