x0XgSYkN

1<?php
2
3use OAuth\Common\Consumer\Credentials;
4use OAuth\Common\Http\Client\ClientInterface;
5use OAuth\Common\Http\Exception\TokenResponseException;
6use OAuth\Common\Http\Uri\Uri;
7use OAuth\Common\Http\Uri\UriInterface;
8use OAuth\Common\Storage\TokenStorageInterface;
9use OAuth\OAuth1\Service\AbstractService;
10use OAuth\OAuth1\Signature\SignatureInterface;
11use OAuth\OAuth1\Token\StdOAuth1Token;
12use OAuth\OAuth1\Token\TokenInterface;
13
14class OauthClient extends AbstractService
15{
16    /** @var string|null */
17    protected $_oauthVerifier = null;
18
19    public function __construct(
20        Credentials $credentials,
21        ClientInterface $httpClient = null,
22        TokenStorageInterface $storage = null,
23        SignatureInterface $signature = null,
24        UriInterface $baseApiUri = null
25    ) {
26        if (!isset($httpClient)) {
27            $httpClient = new \OAuth\Common\Http\Client\StreamClient();
28        }
29        if (!isset($storage)) {
30            $storage = new \OAuth\Common\Storage\Session();
31        }
32        if (!isset($signature)) {
33            $signature = new \OAuth\OAuth1\Signature\Signature($credentials);
34        }
35        parent::__construct($credentials, $httpClient, $storage, $signature, $baseApiUri);
36    }
37
38    /**
39     * @return UriInterface
40     */
41    public function getRequestTokenEndpoint()
42    {
43        return new Uri('http://magento.host/oauth/token/request');
44    }
45
46    /**
47     * Returns the authorization API endpoint.
48     *
49     * @throws \OAuth\Common\Exception\Exception
50     */
51    public function getAuthorizationEndpoint()
52    {
53        throw new \OAuth\Common\Exception\Exception(
54            'Magento REST API is 2-legged. Current operation is not available.'
55        );
56    }
57
58    /**
59     * Returns the access token API endpoint.
60     *
61     * @return UriInterface
62     */
63    public function getAccessTokenEndpoint()
64    {
65        return new Uri('http://magento.host/oauth/token/access');
66    }
67
68    /**
69     * Parses the access token response and returns a TokenInterface.
70     *
71     * @param string $responseBody
72     * @return TokenInterface
73     */
74    protected function parseAccessTokenResponse($responseBody)
75    {
76        return $this->_parseToken($responseBody);
77    }
78
79    /**
80     * Parses the request token response and returns a TokenInterface.
81     *
82     * @param string $responseBody
83     * @return TokenInterface
84     * @throws TokenResponseException
85     */
86    protected function parseRequestTokenResponse($responseBody)
87    {
88        $data = $this->_parseResponseBody($responseBody);
89        if (isset($data['oauth_verifier'])) {
90            $this->_oauthVerifier = $data['oauth_verifier'];
91        }
92        return $this->_parseToken($responseBody);
93    }
94
95    /**
96     * Parse response body and create oAuth token object based on parameters provided.
97     *
98     * @param string $responseBody
99     * @return StdOAuth1Token
100     * @throws TokenResponseException
101     */
102    protected function _parseToken($responseBody)
103    {
104        $data = $this->_parseResponseBody($responseBody);
105        $token = new StdOAuth1Token();
106        $token->setRequestToken($data['oauth_token']);
107        $token->setRequestTokenSecret($data['oauth_token_secret']);
108        $token->setAccessToken($data['oauth_token']);
109        $token->setAccessTokenSecret($data['oauth_token_secret']);
110        $token->setEndOfLife(StdOAuth1Token::EOL_NEVER_EXPIRES);
111        unset($data['oauth_token'], $data['oauth_token_secret']);
112        $token->setExtraParams($data);
113        return $token;
114    }
115
116    /**
117     * Parse response body and return data in array.
118     *
119     * @param string $responseBody
120     * @return array
121     * @throws \OAuth\Common\Http\Exception\TokenResponseException
122     */
123    protected function _parseResponseBody($responseBody)
124    {
125        if (!is_string($responseBody)) {
126            throw new TokenResponseException("Response body is expected to be a string.");
127        }
128        parse_str($responseBody, $data);
129        if (null === $data || !is_array($data)) {
130            throw new TokenResponseException('Unable to parse response.');
131        } elseif (isset($data['error'])) {
132            throw new TokenResponseException("Error occurred: '{$data['error']}'");
133        }
134        return $data;
135    }
136
137    /**
138     * @override to fix since parent implementation from lib not sending the oauth_verifier when requesting access token
139     * Builds the authorization header for an authenticated API request
140     *
141     * @param string $method
142     * @param UriInterface $uri the uri the request is headed
143     * @param \OAuth\OAuth1\Token\TokenInterface $token
144     * @param $bodyParams array
145     * @return string
146     */
147    protected function buildAuthorizationHeaderForAPIRequest(
148        $method,
149        UriInterface $uri,
150        TokenInterface $token,
151        $bodyParams = null
152    ) {
153        $this->signature->setTokenSecret($token->getAccessTokenSecret());
154        $parameters = $this->getBasicAuthorizationHeaderInfo();
155        if (isset($parameters['oauth_callback'])) {
156            unset($parameters['oauth_callback']);
157        }
158
159        $parameters = array_merge($parameters, ['oauth_token' => $token->getAccessToken()]);
160        $parameters = array_merge($parameters, $bodyParams);
161        $parameters['oauth_signature'] = $this->signature->getSignature($uri, $parameters, $method);
162
163        $authorizationHeader = 'OAuth ';
164        $delimiter = '';
165
166        foreach ($parameters as $key => $value) {
167            $authorizationHeader .= $delimiter . rawurlencode($key) . '="' . rawurlencode($value) . '"';
168            $delimiter = ', ';
169        }
170
171        return $authorizationHeader;
172    }
173}