private function generateAuthString($apiCred, $accessToken, $tokenSecret, $endpoint) { $key = $apiCred->getUserName(); $secret = $apiCred->getPassword(); $auth = new AuthSignature(); $response = $auth->genSign($key, $secret, $accessToken, $tokenSecret, 'POST', $endpoint); $authString = "token=" . $accessToken . ",signature=" . $response['oauth_signature'] . ",timestamp=" . $response['oauth_timestamp']; return $authString; }
public function handle($httpConfig, $request, $options) { $credential = $request->getCredential(); if (isset($credential)) { $thirdPartyAuth = $credential->getThirdPartyAuthorization(); if ($thirdPartyAuth && $thirdPartyAuth instanceof PPTokenAuthorization) { $authSignature = AuthSignature::generateFullAuthString($credential->getUsername(), $credential->getPassword(), $thirdPartyAuth->getAccessToken(), $thirdPartyAuth->getTokenSecret(), $httpConfig->getMethod(), $httpConfig->getUrl()); if (isset($options['port']) && ($options['port'] == 'PayPalAPI' || $options['port'] == 'PayPalAPIAA')) { $httpConfig->addHeader('X-PP-AUTHORIZATION', $authSignature); } else { $httpConfig->addHeader('X-PAYPAL-AUTHORIZATION', $authSignature); } } if ($credential instanceof PPSignatureCredential) { $handler = new PPSignatureAuthHandler($credential); } else { if ($credential instanceof PPCertificateCredential) { $handler = new PPCertificateAuthHandler($credential); } else { throw new PPInvalidCredentialException(); } } $handler->handle($httpConfig, $request, $options); } }
public function handle($httpConfig, $request) { $credential = $request->getCredential(); if (!isset($credential)) { return; } $thirdPartyAuth = $credential->getThirdPartyAuthorization(); if ($thirdPartyAuth && $thirdPartyAuth instanceof PPTokenAuthorization) { $httpConfig->addHeader('X-PAYPAL-AUTHORIZATION', AuthSignature::generateFullAuthString($credential->getUsername(), $credential->getPassword(), $thirdPartyAuth->getAccessToken(), $thirdPartyAuth->getTokenSecret(), $httpConfig->getMethod(), $httpConfig->getUrl())); } switch ($request->getBindingType()) { case 'NV': if (!$thirdPartyAuth || !$thirdPartyAuth instanceof PPTokenAuthorization) { $httpConfig->addHeader('X-PAYPAL-SECURITY-USERID', $credential->getUserName()); $httpConfig->addHeader('X-PAYPAL-SECURITY-PASSWORD', $credential->getPassword()); $httpConfig->addHeader('X-PAYPAL-SECURITY-SIGNATURE', $credential->getSignature()); if ($thirdPartyAuth) { $httpConfig->addHeader('X-PAYPAL-SECURITY-SUBJECT', $thirdPartyAuth->getSubject()); } } break; case 'SOAP': if ($thirdPartyAuth && $thirdPartyAuth instanceof PPTokenAuthorization) { $request->addBindingInfo('securityHeader', '<ns:RequesterCredentials/>'); } else { $securityHeader = '<ns:RequesterCredentials><ebl:Credentials>'; $securityHeader .= '<ebl:Username>' . $credential->getUserName() . '</ebl:Username>'; $securityHeader .= '<ebl:Password>' . $credential->getPassword() . '</ebl:Password>'; $securityHeader .= '<ebl:Signature>' . $credential->getSignature() . '</ebl:Signature>'; if ($thirdPartyAuth && $thirdPartyAuth instanceof PPSubjectAuthorization) { $securityHeader .= '<ebl:Subject>' . $thirdPartyAuth->getSubject() . '</ebl:Subject>'; } $securityHeader .= '</ebl:Credentials></ns:RequesterCredentials>'; $request->addBindingInfo('securityHeader', $securityHeader); } break; } }
public static function generateFullAuthString($key, $secret, $token, $tokenSecret, $httpMethod, $endpoint) { $authSignature = new AuthSignature(); $response = $authSignature->genSign($key, $secret, $token, $tokenSecret, $httpMethod, $endpoint); return "token=" . $token . ",signature=" . $response['oauth_signature'] . ",timestamp=" . $response['oauth_timestamp']; }