/**
* Retrieve WSDL content.
*
* @param string $wsdlUrl
* @return string|boolean
*/
protected function _getWsdlContent($wsdlUrl)
{
$accessCredentials = \Magento\TestFramework\Authentication\OauthHelper::getApiAccessCredentials()['key'];
$connection = curl_init($wsdlUrl);
curl_setopt($connection, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($connection, CURLOPT_HTTPHEADER, ['header' => "Authorization: Bearer " . $accessCredentials]);
$responseContent = curl_exec($connection);
$responseDom = new \DOMDocument();
$this->assertTrue($responseDom->loadXML($responseContent), "Valid XML is always expected as a response for WSDL request.");
return $responseContent;
}
/**
* Create a consumer
*/
public static function consumerFixture($date = null)
{
/** Clear the credentials because during the fixture generation, any previous credentials are invalidated */
\Magento\TestFramework\Authentication\OauthHelper::clearApiAccessCredentials();
$consumerCredentials = \Magento\TestFramework\Authentication\OauthHelper::getConsumerCredentials($date);
self::$_consumerKey = $consumerCredentials['key'];
self::$_consumerSecret = $consumerCredentials['secret'];
self::$_verifier = $consumerCredentials['verifier'];
self::$_consumer = $consumerCredentials['consumer'];
self::$_token = $consumerCredentials['token'];
}
/**
* Create SOAP client instance and initialize it with provided WSDL URL.
*
* @param string $wsdlUrl
* @param string $token Authentication token
* @return \Zend\Soap\Client
*/
public function instantiateSoapClient($wsdlUrl, $token = null)
{
$accessCredentials = $token ? $token : \Magento\TestFramework\Authentication\OauthHelper::getApiAccessCredentials()['key'];
$opts = ['http' => ['header' => "Authorization: Bearer " . $accessCredentials]];
$context = stream_context_create($opts);
$soapClient = new \Zend\Soap\Client($wsdlUrl);
$soapClient->setSoapVersion(SOAP_1_2);
$soapClient->setStreamContext($context);
if (TESTS_XDEBUG_ENABLED) {
$soapClient->setCookie('XDEBUG_SESSION', 1);
}
return $soapClient;
}
public function testDisabledIntegrationAuthorizationException()
{
$itemId = 1;
$serviceInfo = ['rest' => ['resourcePath' => '/V1/testmodule1/' . $itemId, 'httpMethod' => \Magento\Framework\Webapi\Rest\Request::HTTP_METHOD_GET], 'soap' => ['service' => 'testModule1AllSoapAndRestV1', 'operation' => 'testModule1AllSoapAndRestV1Item']];
$requestData = ['itemId' => $itemId];
/** Disable integration associated with active OAuth credentials. */
$credentials = \Magento\TestFramework\Authentication\OauthHelper::getApiAccessCredentials();
/** @var \Magento\Integration\Model\Integration $integration */
$integration = $credentials['integration'];
$originalStatus = $integration->getStatus();
$integration->setStatus(\Magento\Integration\Model\Integration::STATUS_INACTIVE)->save();
try {
$this->assertUnauthorizedException($serviceInfo, $requestData);
} catch (\Exception $e) {
/** Restore original status of integration associated with active OAuth credentials */
$integration->setStatus($originalStatus)->save();
throw $e;
}
$integration->setStatus($originalStatus)->save();
}
/**
* {@inheritdoc}
* @throws \LogicException
* @SuppressWarnings(PHPMD.CyclomaticComplexity)
* @SuppressWarnings(PHPMD.NPathComplexity)
*/
public function call($serviceInfo, $arguments = [], $storeCode = null, $integration = null)
{
$storeCode = $storeCode !== null ? (string) $storeCode : $this->defaultStoreCode;
$resourcePath = '/' . $storeCode . $this->_getRestResourcePath($serviceInfo);
$httpMethod = $this->_getRestHttpMethod($serviceInfo);
//Get a valid token
$accessCredentials = OauthHelper::getApiAccessCredentials(null, $integration);
/** @var $oAuthClient \Magento\TestFramework\Authentication\Rest\OauthClient */
$oAuthClient = $accessCredentials['oauth_client'];
$urlFormEncoded = false;
// we're always using JSON
$authHeader = [];
$restServiceInfo = $serviceInfo['rest'];
if (array_key_exists('token', $restServiceInfo)) {
$authHeader = $oAuthClient->buildBearerTokenAuthorizationHeader($restServiceInfo['token']);
} else {
$authHeader = $oAuthClient->buildOauthAuthorizationHeader($this->curlClient->constructResourceUrl($resourcePath), $accessCredentials['key'], $accessCredentials['secret'], ($httpMethod == 'PUT' || $httpMethod == 'POST') && $urlFormEncoded ? $arguments : [], $httpMethod);
}
$authHeader = array_merge($authHeader, ['Accept: application/json', 'Content-Type: application/json']);
switch ($httpMethod) {
case Request::HTTP_METHOD_GET:
$response = $this->curlClient->get($resourcePath, [], $authHeader);
break;
case Request::HTTP_METHOD_POST:
$response = $this->curlClient->post($resourcePath, $arguments, $authHeader);
break;
case Request::HTTP_METHOD_PUT:
$response = $this->curlClient->put($resourcePath, $arguments, $authHeader);
break;
case Request::HTTP_METHOD_DELETE:
$response = $this->curlClient->delete($resourcePath, $authHeader);
break;
default:
throw new \LogicException("HTTP method '{$httpMethod}' is not supported.");
}
if (defined('GENERATE_REST_DOCUMENTATION') && GENERATE_REST_DOCUMENTATION) {
$this->documentationGenerator->generateDocumentation($httpMethod, $resourcePath, $arguments, $response);
}
return $response;
}
protected function tearDown()
{
unset($this->integration);
OauthHelper::clearApiAccessCredentials();
parent::tearDown();
}
/**
* Test create item with missing proper resources
*/
public function testCreateWithoutResources()
{
$createdItemName = 'createdItemName';
$serviceInfo = ['rest' => ['resourcePath' => $this->_restResourcePath, 'httpMethod' => \Magento\Framework\Webapi\Rest\Request::HTTP_METHOD_POST], 'soap' => ['service' => $this->_soapService, 'operation' => $this->_soapService . 'Create']];
$requestData = ['name' => $createdItemName];
// getting new credentials that do not match the api resources
OauthHelper::clearApiAccessCredentials();
OauthHelper::getApiAccessCredentials([]);
try {
$this->assertUnauthorizedException($serviceInfo, $requestData);
} catch (\Exception $e) {
OauthHelper::clearApiAccessCredentials();
throw $e;
}
// to allow good credentials to be restored (this is statically stored on OauthHelper)
OauthHelper::clearApiAccessCredentials();
}
