public function handle($httpConfig, $request, $options)
{
$credential = $request->getCredential();
if (isset($credential)) {
$thirdPartyAuth = $credential->getThirdPartyAuthorization();
if ($thirdPartyAuth && $thirdPartyAuth instanceof PPTokenAuthorization) {
$authSignature = AuthSignature::generateFullAuthString($credential->getUsername(), $credential->getPassword(), $thirdPartyAuth->getAccessToken(), $thirdPartyAuth->getTokenSecret(), $httpConfig->getMethod(), $httpConfig->getUrl());
if (isset($options['port']) && ($options['port'] == 'PayPalAPI' || $options['port'] == 'PayPalAPIAA')) {
$httpConfig->addHeader('X-PP-AUTHORIZATION', $authSignature);
} else {
$httpConfig->addHeader('X-PAYPAL-AUTHORIZATION', $authSignature);
}
}
if ($credential instanceof PPSignatureCredential) {
$handler = new PPSignatureAuthHandler($credential);
} else {
if ($credential instanceof PPCertificateCredential) {
$handler = new PPCertificateAuthHandler($credential);
} else {
throw new PPInvalidCredentialException();
}
}
$handler->handle($httpConfig, $request, $options);
}
}
/**
* @test
*/
public function testHeadersAddedForSOAP()
{
$options = array('config' => array('mode' => 'sandbox'), 'serviceName' => 'AdaptivePayments', 'apiMethod' => 'ConvertCurrency');
$req = new PPRequest(new StdClass(), 'SOAP');
$handler = new PPCertificateAuthHandler();
// Test that no headers are added if no credential is passed
$httpConfig = new PPHttpConfig();
$handler->handle($httpConfig, $req, $options);
$this->assertEquals('', $req->getBindingInfo('securityHeader'));
// Test that the 3 token SOAP headers are added for first party API calls
$req = new PPRequest(new StdClass(), 'SOAP');
$req->setCredential(new PPCertificateCredential('user', 'pass', 'cacert.pem'));
$handler->handle($httpConfig, $req, $options);
$this->assertContains('<ebl:Username>', $req->getBindingInfo('securityHeader'));
$this->assertContains('<ebl:Password>', $req->getBindingInfo('securityHeader'));
$this->assertArrayHasKey(CURLOPT_SSLCERT, $httpConfig->getCurlOptions());
// Test addition of 'subject' SOAP header for subject based third party auth
$req = new PPRequest(new StdClass(), 'SOAP');
$cred = new PPCertificateCredential('user', 'pass', 'cacert.pem');
$cred->setThirdPartyAuthorization(new PPSubjectAuthorization('*****@*****.**'));
$req->setCredential($cred);
$handler->handle($httpConfig, $req, $options);
$this->assertContains('<ebl:Username>', $req->getBindingInfo('securityHeader'));
$this->assertContains('<ebl:Password>', $req->getBindingInfo('securityHeader'));
$this->assertContains('<ebl:Subject>', $req->getBindingInfo('securityHeader'));
$this->assertArrayHasKey(CURLOPT_SSLCERT, $httpConfig->getCurlOptions());
// Test that no auth related HTTP headers (username, password, sign?) are
// added for token based third party auth
$req = new PPRequest(new StdClass(), 'SOAP');
$req->setCredential(new PPCertificateCredential('user', 'pass', 'cacert.pem'));
$req->getCredential()->setThirdPartyAuthorization(new PPTokenAuthorization('token', 'tokenSecret'));
$handler->handle($httpConfig, $req, $options);
$this->assertContains('<ns:RequesterCredentials/>', $req->getBindingInfo('securityHeader'));
$this->assertEquals(0, count($httpConfig->getHeaders()));
$this->assertArrayHasKey(CURLOPT_SSLCERT, $httpConfig->getCurlOptions());
}
