Interact with capillary APIs
<?php
// Author: Shubs (@infosec_au)
// Edited by Supras to make it public and to clarify some parts
// Requirements: php, php-curl, php-xml
// Usage: $ php api_capillary_ecom.php
// The XML response is printed to the console.
// API URL
// See: https://capillary.github.io/ecom-api-document/
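// Replace MERCHANT_ID with your merchant identifier.
$orderURL = 'https://www.martjack.com/developerapi/Customer/MERCHANT_ID/All';

// Replace PUBLIC_KEY and SECRET with your API credentials. Keep real values out of
// version control: load them from the environment or an untracked config file.
$auth = new ReturnAuth(array('key' => 'PUBLIC_KEY', 'secret' => 'SECRET', 'url' => $orderURL));

// getRequestToken() hands back the decoded response as an array (false when the
// response cannot be parsed), so dump it with print_r(); echo on an array only
// prints "Array" and raises an "Array to string conversion" warning.
$result = $auth->getRequestToken();
print_r($result);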
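/**
 * Minimal client that signs a GET request with OAuth 1.0-style parameters
 * (HMAC-SHA1) and returns the XML response decoded into an array.
 *
 * Requires PHP 7+ (random_bytes, ??) with the curl and simplexml extensions.
 */
class ReturnAuth
{
    /** @var string Consumer key sent as oauth_consumer_key. */
    public $key = 'PUBLIC_KEY';

    /** @var string Consumer secret used to derive the HMAC signing key. */
    public $secret = 'SECRET';

    /** @var string|null Endpoint URL that is signed and requested. */
    public $request_token;

    /** @var int|null HTTP status code of the most recent request. */
    public $http_status;

    /** @var string|null Full URL of the most recent request. */
    public $last_api_call;

    /**
     * @param array $config Expects 'url'; 'key' and 'secret' override the
     *                      class-level placeholders when present.
     */
    public function __construct($config)
    {
        // The credentials supplied by the caller were previously discarded in
        // favour of hard-coded literals; honour them and fall back to the
        // class defaults only when they are absent.
        $this->key = $config['key'] ?? $this->key;
        $this->secret = $config['secret'] ?? $this->secret;
        $this->request_token = $config['url'];
    }

    /**
     * Builds the signed URL for the configured endpoint and performs the GET.
     *
     * @return array|false Decoded response, or false when the request or the
     *                     XML parsing fails.
     */
    public function getRequestToken()
    {
        // The nonce has to differ between requests that share a timestamp.
        // Reusing time() for both made every request within the same second
        // carry an identical, predictable nonce.
        $params = array(
            'oauth_version' => '1.0',
            'oauth_nonce' => bin2hex(random_bytes(16)),
            'oauth_timestamp' => time(),
            'oauth_consumer_key' => $this->key,
            'oauth_signature_method' => 'HMAC-SHA1',
        );

        // BUILD SIGNATURE
        // Percent-encode names and values, then sort by name.
        $keys = $this->_urlencode_rfc3986(array_keys($params));
        $values = $this->_urlencode_rfc3986(array_values($params));
        $params = array_combine($keys, $values);
        uksort($params, 'strcmp');

        // NOTE(review): names and values are encoded a second time here. That
        // is a no-op while they contain only unreserved characters; it is kept
        // unchanged so the signature stays byte-identical to what the
        // original script produced.
        $pairs = array();
        foreach ($params as $k => $v) {
            $pairs[] = $this->_urlencode_rfc3986($k) . '=' . $this->_urlencode_rfc3986($v);
        }
        $concatenatedParams = implode('&', $pairs);

        // Signature base string: METHOD & encoded URL & encoded parameter string.
        $baseString = "GET&" . $this->_urlencode_rfc3986($this->request_token)
            . "&" . $this->_urlencode_rfc3986($concatenatedParams);

        // Signing key: encoded consumer secret followed by '&' and nothing else.
        $secret = $this->_urlencode_rfc3986($this->secret) . "&";

        $params['oauth_signature'] = $this->_urlencode_rfc3986(
            base64_encode(hash_hmac('sha1', $baseString, $secret, true))
        );

        // BUILD URL
        // Re-sort now that the signature is part of the parameter set; values
        // are already percent-encoded at this point.
        uksort($params, 'strcmp');
        $urlPairs = array();
        foreach ($params as $k => $v) {
            $urlPairs[] = $k . "=" . $v;
        }
        $url = $this->request_token . "?" . implode('&', $urlPairs);

        // The signed URL carries the consumer key and signature, so it is
        // deliberately not written to any log here.
        return $this->_http($url);
    }

    /**
     * Sends the request with cURL, echoes the raw body and decodes it as XML.
     *
     * @param string     $url       Fully signed request URL.
     * @param mixed|null $post_data When set, the request is sent as a POST
     *                              with this payload.
     *
     * @return array|false Decoded XML as an associative array, or false when
     *                     the transfer fails or the body is not valid XML.
     */
    public function _http($url, $post_data = null)
    {
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 100);
        curl_setopt($ch, CURLOPT_TIMEOUT, 100);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        // Certificate and hostname verification stay enabled: the request
        // carries signed credentials, and with verification off anyone on the
        // network path could read or alter the exchange.
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
        if (isset($post_data)) {
            curl_setopt($ch, CURLOPT_POST, 1);
            curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
        }
        curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/Json', 'Connection: Keep-Alive', 'apiversion: 3'));

        $response = curl_exec($ch);
        $this->http_status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
        $this->last_api_call = $url;

        if ($response === false) {
            // Surface transport failures (including TLS verification errors)
            // instead of feeding `false` into the XML parser.
            trigger_error('cURL request failed: ' . curl_error($ch), E_USER_WARNING);
            curl_close($ch);
            return false;
        }
        curl_close($ch);

        // The script documents that the raw XML is printed to the console.
        echo($response);

        // LIBXML_NONET stops the parser from fetching network resources that
        // a response document might reference.
        $xml = simplexml_load_string($response, 'SimpleXMLElement', LIBXML_NONET);
        if ($xml === false) {
            return false;
        }

        // Round-trip through JSON to turn the SimpleXMLElement into plain arrays.
        return json_decode(json_encode($xml), true);
    }

    /**
     * Percent-encodes a scalar, or every element of an array, per RFC 3986.
     *
     * @param mixed $input Scalar or array of scalars.
     *
     * @return string|array Encoded value(s); '' for non-scalar, non-array input.
     */
    public function _urlencode_rfc3986($input)
    {
        if (is_array($input)) {
            // Bind the callback to this instance: the former
            // array('ReturnAuth', ...) form called a non-static method
            // statically, which PHP 8 rejects as an invalid callback.
            return array_map(array($this, '_urlencode_rfc3986'), $input);
        }

        if (is_scalar($input)) {
            // rawurlencode() never emits '+', so only the '~' restoration is
            // kept (relevant on runtimes that still encode '~').
            return str_replace('%7E', '~', rawurlencode((string) $input));
        }

        return '';
    }
}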