Created
January 12, 2015 07:11
-
-
Save anupdugar/2870f28a5c108cc43df9 to your computer and use it in GitHub Desktop.
Scripts to demo Magento 2 Oauth1.a token exchange
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| require '../vendor/autoload.php'; | |
| $consumer = $_REQUEST['consumer_id']; | |
| $callback = $_REQUEST['callback_url']; | |
| session_id('test'); | |
| session_start(); | |
| $consumerKey = $_SESSION['oauth_consumer_key']; | |
| $consumerSecret = $_SESSION['oauth_consumer_secret']; | |
| $magentoBaseUrl = rtrim($_SESSION['store_base_url'], '/'); | |
| $oauthVerifier = $_SESSION['oauth_verifier']; | |
| define('TESTS_BASE_URL', $magentoBaseUrl); | |
| $credentials = new \OAuth\Common\Consumer\Credentials($consumerKey, $consumerSecret, $magentoBaseUrl); | |
| $oAuthClient = new OauthClient($credentials); | |
| $requestToken = $oAuthClient->requestRequestToken(); | |
| $accessToken = $oAuthClient->requestAccessToken( | |
| $requestToken->getRequestToken(), | |
| $oauthVerifier, | |
| $requestToken->getRequestTokenSecret() | |
| ); | |
| header("location: $callback"); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| session_id('test'); | |
| session_start(); | |
| $_SESSION['oauth_consumer_key'] = $_POST['oauth_consumer_key']; | |
| $_SESSION['oauth_consumer_secret'] = $_POST['oauth_consumer_secret']; | |
| $_SESSION['store_base_url'] = $_POST['store_base_url']; | |
| $_SESSION['oauth_verifier'] = $_POST['oauth_verifier']; | |
| session_write_close(); | |
| header("HTTP/1.0 200 OK"); | |
| echo "Response"; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $consumerId = $_REQUEST['consumer_id']; | |
| $callbackUrl = urlencode(urldecode($_REQUEST['success_call_back'])); | |
| echo <<<HTML | |
| <table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC"> | |
| <tr> | |
| <form name="form1" method="post" action="checklogin.php?consumer_id={$consumerId}&callback_url={$callbackUrl}"> | |
| <td> | |
| <table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF"> | |
| <tr> | |
| <td colspan="3"><strong>Integrations Login</strong></td> | |
| </tr> | |
| <tr> | |
| <td width="78">Username</td> | |
| <td width="6">:</td> | |
| <td width="294"><input name="myusername" type="text" id="myusername"></td> | |
| </tr> | |
| <tr> | |
| <td>Password</td> | |
| <td>:</td> | |
| <td><input name="mypassword" type="text" id="mypassword"></td> | |
| </tr> | |
| <tr> | |
| <td> </td> | |
| <td> </td> | |
| <td><input type="submit" name="Submit" value="Login"></td> | |
| </tr> | |
| </table> | |
| </td> | |
| </form> | |
| </tr> | |
| </table> | |
| HTML; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| use OAuth\Common\Consumer\Credentials; | |
| use OAuth\Common\Http\Client\ClientInterface; | |
| use OAuth\Common\Http\Exception\TokenResponseException; | |
| use OAuth\Common\Http\Uri\Uri; | |
| use OAuth\Common\Http\Uri\UriInterface; | |
| use OAuth\Common\Storage\TokenStorageInterface; | |
| use OAuth\OAuth1\Service\AbstractService; | |
| use OAuth\OAuth1\Signature\SignatureInterface; | |
| use OAuth\OAuth1\Token\StdOAuth1Token; | |
| use OAuth\OAuth1\Token\TokenInterface; | |
| class OauthClient extends AbstractService | |
| { | |
| /** @var string|null */ | |
| protected $_oauthVerifier = null; | |
| public function __construct( | |
| Credentials $credentials, | |
| ClientInterface $httpClient = null, | |
| TokenStorageInterface $storage = null, | |
| SignatureInterface $signature = null, | |
| UriInterface $baseApiUri = null | |
| ) { | |
| if (!isset($httpClient)) { | |
| $httpClient = new \OAuth\Common\Http\Client\StreamClient(); | |
| } | |
| if (!isset($storage)) { | |
| $storage = new \OAuth\Common\Storage\Session(); | |
| } | |
| if (!isset($signature)) { | |
| $signature = new \OAuth\OAuth1\Signature\Signature($credentials); | |
| } | |
| parent::__construct($credentials, $httpClient, $storage, $signature, $baseApiUri); | |
| } | |
| /** | |
| * @return UriInterface | |
| */ | |
| public function getRequestTokenEndpoint() | |
| { | |
| return new Uri('http://magento.ll/oauth/token/request'); | |
| } | |
| /** | |
| * Returns the authorization API endpoint. | |
| * | |
| * @throws \OAuth\Common\Exception\Exception | |
| */ | |
| public function getAuthorizationEndpoint() | |
| { | |
| throw new \OAuth\Common\Exception\Exception( | |
| 'Magento REST API is 2-legged. Current operation is not available.' | |
| ); | |
| } | |
| /** | |
| * Returns the access token API endpoint. | |
| * | |
| * @return UriInterface | |
| */ | |
| public function getAccessTokenEndpoint() | |
| { | |
| return new Uri('http://magento.ll/oauth/token/access'); | |
| } | |
| /** | |
| * Parses the access token response and returns a TokenInterface. | |
| * | |
| * @param string $responseBody | |
| * @return TokenInterface | |
| */ | |
| protected function parseAccessTokenResponse($responseBody) | |
| { | |
| return $this->_parseToken($responseBody); | |
| } | |
| /** | |
| * Parses the request token response and returns a TokenInterface. | |
| * | |
| * @param string $responseBody | |
| * @return TokenInterface | |
| * @throws TokenResponseException | |
| */ | |
| protected function parseRequestTokenResponse($responseBody) | |
| { | |
| $data = $this->_parseResponseBody($responseBody); | |
| if (isset($data['oauth_verifier'])) { | |
| $this->_oauthVerifier = $data['oauth_verifier']; | |
| } | |
| return $this->_parseToken($responseBody); | |
| } | |
| /** | |
| * Parse response body and create oAuth token object based on parameters provided. | |
| * | |
| * @param string $responseBody | |
| * @return StdOAuth1Token | |
| * @throws TokenResponseException | |
| */ | |
| protected function _parseToken($responseBody) | |
| { | |
| $data = $this->_parseResponseBody($responseBody); | |
| $token = new StdOAuth1Token(); | |
| $token->setRequestToken($data['oauth_token']); | |
| $token->setRequestTokenSecret($data['oauth_token_secret']); | |
| $token->setAccessToken($data['oauth_token']); | |
| $token->setAccessTokenSecret($data['oauth_token_secret']); | |
| $token->setEndOfLife(StdOAuth1Token::EOL_NEVER_EXPIRES); | |
| unset($data['oauth_token'], $data['oauth_token_secret']); | |
| $token->setExtraParams($data); | |
| return $token; | |
| } | |
| /** | |
| * Parse response body and return data in array. | |
| * | |
| * @param string $responseBody | |
| * @return array | |
| * @throws \OAuth\Common\Http\Exception\TokenResponseException | |
| */ | |
| protected function _parseResponseBody($responseBody) | |
| { | |
| if (!is_string($responseBody)) { | |
| throw new TokenResponseException("Response body is expected to be a string."); | |
| } | |
| parse_str($responseBody, $data); | |
| if (null === $data || !is_array($data)) { | |
| throw new TokenResponseException('Unable to parse response.'); | |
| } elseif (isset($data['error'])) { | |
| throw new TokenResponseException("Error occurred: '{$data['error']}'"); | |
| } | |
| return $data; | |
| } | |
| /** | |
| * @override to fix since parent implementation from lib not sending the oauth_verifier when requesting access token | |
| * Builds the authorization header for an authenticated API request | |
| * | |
| * @param string $method | |
| * @param UriInterface $uri the uri the request is headed | |
| * @param \OAuth\OAuth1\Token\TokenInterface $token | |
| * @param $bodyParams array | |
| * @return string | |
| */ | |
| protected function buildAuthorizationHeaderForAPIRequest( | |
| $method, | |
| UriInterface $uri, | |
| TokenInterface $token, | |
| $bodyParams = null | |
| ) { | |
| $this->signature->setTokenSecret($token->getAccessTokenSecret()); | |
| $parameters = $this->getBasicAuthorizationHeaderInfo(); | |
| if (isset($parameters['oauth_callback'])) { | |
| unset($parameters['oauth_callback']); | |
| } | |
| $parameters = array_merge($parameters, ['oauth_token' => $token->getAccessToken()]); | |
| $parameters = array_merge($parameters, $bodyParams); | |
| $parameters['oauth_signature'] = $this->signature->getSignature($uri, $parameters, $method); | |
| $authorizationHeader = 'OAuth '; | |
| $delimiter = ''; | |
| foreach ($parameters as $key => $value) { | |
| $authorizationHeader .= $delimiter . rawurlencode($key) . '="' . rawurlencode($value) . '"'; | |
| $delimiter = ', '; | |
| } | |
| return $authorizationHeader; | |
| } | |
| } |
Author
anupdugar
commented
Jan 12, 2015
- These scripts can be used to simulate the Magento 2 Oauth 1.0a token exchange flow in the admin to obtain credentials to make authenticated API requests.
- For ease, scripts can be dropped under your Magento root pub folder ex: <M2_root>/pub/ so that they can be exposed as endpoints that your Magento application can interact with to mimic the token exchange.
- The oauth client is extended from and attributed to https://github.com/Lusitanian/PHPoAuthLib which is the same lib used in the https://github.com/magento/magento2/blob/develop/dev/tests/api-functional/framework/Magento/TestFramework/Authentication/Rest/OauthClient.php.
- Make sure you update the baseUrl in OauthClient.php. Currently its http://magento.ll.
- Steps for Oauth 1.0a token exchange flow :
- Login to your Magento application's admin and navigate to Integrations section ex: http://m2_host/admin/admin/integration
- Click on "Add new Integration"
- Complete all details in the Integration Info tab:
- Name : SomeUniqueIntegrationName
- Callback URL : http://m2_host/pub/endpoint.php
- Identity link URL : http://m2_host/pub/login.php
- Add necessary permissions from the API tab
- Click on "Save and Activate" option from the drop down
- You should see the popup confirming API permissions. Click Allow. (Make sure Pop-ups are allowed)
- This will also post credentials to the endpoint : pub/endpoint.php. You should also see another popup for the identity linking step that opens up the script from pub/login.php.
- Click login ( there is no login check since its dummy). The pub/checklogin.php script is called which uses the posted credentials to complete the token exchange
- When the token exchange completes successfully the user is redirected back to the Integrations Grid. The integration grid should show the newly created integration as "Active".
- Click on the edit icon of the integration and check the Integration Details on the Integration Info Tab. It should show all the credentials that can be used to make an authenticated API request using Oauth 1.0
Not sure how magically sharing one session session_id('test'); is a realistic example.
i m unable to use this code . will u plz help me to run it?
Hi, The code is working fine for me. I have one quick question, Is it possible to do authorization without 'admin login'? I want to use it for Rest Api's.
Thanks in Advance.
Its not working in magento 2.0 @lunkadbhushan what will be changes in files to run successfully.
I have get the data in checklogin.php file
$oAuthClient = new OauthClient($credentials);
print_r($oAuthClient);
But after below code its return blank
$requestToken = $oAuthClient->requestRequestToken();
Thanks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment