protected function _getElementHtml(Varien_Data_Form_Element_Abstract $element)
{
$store = null;
$disabled = false;
if ($code = $this->getRequest()->getParam('store')) {
$store = Mage::getModel('core/store')->load($code);
}
if ($store instanceof Mage_Core_Model_Store) {
/* @var Nosto_Tagging_Helper_Account $accountHelper */
$accountHelper = Mage::helper('nosto_tagging/account');
/* @var NostoAccount $nostoAccount */
$nostoAccount = $accountHelper->find($store);
if ($nostoAccount instanceof NostoAccountInterface) {
foreach (NostoApiToken::getApiTokenNames() as $token) {
if (!$nostoAccount->getApiToken($token)) {
$disabled = true;
break;
}
}
}
}
if ($disabled === true) {
/** @noinspection PhpUndefinedMethodInspection */
$element->setDisabled('disabled');
$metaOauth = new Nosto_Tagging_Model_Meta_Oauth();
/** @noinspection PhpUndefinedVariableInspection */
$metaOauth->loadData($store, $nostoAccount);
$client = new NostoOAuthClient($metaOauth);
$comment = sprintf('Your Nosto account is missing required tokens' . ' for updating settings to Nosto. Please click <a href="%s">' . ' here to re-connect</a> your account.', $client->getAuthorizationUrl());
$element->setData('comment', $comment);
}
return parent::_getElementHtml($element);
}
/**
* Tests that existing accounts can be synced from Nosto.
* Accounts are synced using OAuth2 Authorization Code method.
* We are only testing that we can start and act on the steps in the OAuth request cycle.
*/
public function testSyncingExistingAccount()
{
$meta = new NostoOAuthClientMetaData();
$client = new NostoOAuthClient($meta);
$this->specify('oauth authorize url can be created', function () use($client) {
$this->assertEquals('http://localhost:3000?client_id=client-id&redirect_uri=http%3A%2F%2Fmy.shop.com%2Fnosto%2Foauth&response_type=code&scope=sso products&lang=en', $client->getAuthorizationUrl());
});
$account = NostoAccount::syncFromNosto($meta, 'test123');
$this->specify('account was created', function () use($account, $meta) {
$this->assertInstanceOf('NostoAccount', $account);
$this->assertEquals('platform-00000000', $account->getName());
});
$this->specify('account has api token sso', function () use($account, $meta) {
$token = $account->getApiToken('sso');
$this->assertInstanceOf('NostoApiToken', $token);
$this->assertEquals('sso', $token->getName());
$this->assertNotEmpty($token->getValue());
});
$this->specify('account has api token products', function () use($account, $meta) {
$token = $account->getApiToken('products');
$this->assertInstanceOf('NostoApiToken', $token);
$this->assertEquals('products', $token->getName());
$this->assertNotEmpty($token->getValue());
});
$this->specify('account is connected to nosto', function () use($account, $meta) {
$this->assertTrue($account->isConnectedToNosto());
});
}
/**
* Test the OAuth client authenticate without a authorize code.
*/
public function testOauthAuthenticateWithoutCode()
{
$meta = new NostoOAuthClientMetaData();
$client = new NostoOAuthClient($meta);
$this->specify('failed oauth authenticate', function () use($client) {
$this->setExpectedException('NostoException');
$client->authenticate('');
});
}
/**
* @return Json
*/
public function execute()
{
$response = ['success' => false];
$storeId = $this->_request->getParam('store');
/** @var Store $store */
$store = $this->_storeManager->getStore($storeId);
if (!is_null($store)) {
$metaData = $this->_oauthMetaBuilder->build($store);
$client = new \NostoOAuthClient($metaData);
$response['success'] = true;
$response['redirect_url'] = $client->getAuthorizationUrl();
}
return $this->_result->setData($response);
}
require_once dirname(__FILE__) . '/classes/Nosto.php';
require_once dirname(__FILE__) . '/classes/NostoAccount.php';
require_once dirname(__FILE__) . '/classes/NostoAccountMeta.php';
require_once dirname(__FILE__) . '/classes/NostoCipher.php';
require_once dirname(__FILE__) . '/classes/NostoDotEnv.php';
require_once dirname(__FILE__) . '/classes/NostoMessage.php';
require_once dirname(__FILE__) . '/classes/NostoOrderConfirmation.php';
require_once dirname(__FILE__) . '/classes/NostoProductReCrawl.php';
require_once dirname(__FILE__) . '/classes/NostoValidator.php';
require_once dirname(__FILE__) . '/classes/NostoExchangeRate.php';
require_once dirname(__FILE__) . '/classes/NostoCurrency.php';
require_once dirname(__FILE__) . '/classes/NostoCurrencyCode.php';
require_once dirname(__FILE__) . '/classes/NostoCurrencySymbol.php';
require_once dirname(__FILE__) . '/classes/NostoCurrencyFormat.php';
require_once dirname(__FILE__) . '/classes/NostoCurrencyInfo.php';
// Libs
require_once dirname(__FILE__) . '/libs/phpseclib/crypt/NostoCryptBase.php';
require_once dirname(__FILE__) . '/libs/phpseclib/crypt/NostoCryptRijndael.php';
require_once dirname(__FILE__) . '/libs/phpseclib/crypt/NostoCryptAES.php';
require_once dirname(__FILE__) . '/libs/phpseclib/crypt/NostoCryptRandom.php';
// Parse .env if exists and assign configured environment variables.
NostoDotEnv::getInstance()->init(dirname(__FILE__));
if (isset($_ENV['NOSTO_API_BASE_URL'])) {
NostoApiRequest::$baseUrl = $_ENV['NOSTO_API_BASE_URL'];
}
if (isset($_ENV['NOSTO_OAUTH_BASE_URL'])) {
NostoOAuthClient::$baseUrl = $_ENV['NOSTO_OAUTH_BASE_URL'];
}
if (isset($_ENV['NOSTO_WEB_HOOK_BASE_URL'])) {
NostoHttpRequest::$baseUrl = $_ENV['NOSTO_WEB_HOOK_BASE_URL'];
}
* and/or other materials provided with the distribution.
*
* 3. Neither the name of the copyright holder nor the names of its contributors
* may be used to endorse or promote products derived from this software without
* specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
* ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* @author Nosto Solutions Ltd <*****@*****.**>
* @copyright 2016 Nosto Solutions Ltd
* @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause
*
*/
// This is global bootstrap for autoloading
date_default_timezone_set('Europe/Helsinki');
// Pre-load all sdk classes.
require_once dirname(__FILE__) . '/../src/config.inc.php';
// Configure API, Web Hooks, and OAuth client to use Mock server when testing.
NostoApiRequest::$baseUrl = 'http://localhost:3000';
NostoOAuthClient::$baseUrl = 'http://localhost:3000';
NostoHttpRequest::$baseUrl = 'http://localhost:3000';
NostoHttpRequest::buildUserAgent('PHPUnit', '1.0.0', '1.0.0');
/**
* @inheritdoc
*/
public static function syncFromNosto(NostoOAuthClientMetaDataInterface $meta, $code)
{
$oauthClient = new NostoOAuthClient($meta);
$token = $oauthClient->authenticate($code);
if (empty($token->accessToken)) {
throw new NostoException('No access token found when trying to sync account from Nosto');
}
if (empty($token->merchantName)) {
throw new NostoException('No merchant name found when trying to sync account from Nosto');
}
$request = new NostoHttpRequest();
// The request is currently not made according the the OAuth2 spec with the access token in the
// Authorization header. This is due to the authentication server not implementing the full OAuth2 spec yet.
$request->setUrl(NostoOAuthClient::$baseUrl . '/exchange');
$request->setQueryParams(array('access_token' => $token->accessToken));
$response = $request->get();
$result = $response->getJsonResult(true);
if ($response->getCode() !== 200) {
Nosto::throwHttpException('Failed to sync account from Nosto.', $request, $response);
}
if (empty($result)) {
throw new NostoException('Received invalid data from Nosto when trying to sync account');
}
$account = new self($token->merchantName);
$account->tokens = NostoApiToken::parseTokens($result, 'api_');
if (!$account->isConnectedToNosto()) {
throw new NostoException('Failed to sync all account details from Nosto');
}
return $account;
}
/**
* Redirects user to the Nosto OAuth 2 authorization server to fetch missing
* scopes (API tokens) for an account.
*/
public function syncAccountAction()
{
$this->getResponse()->setHeader('Content-type', 'application/json', true);
/** @var Nosto_Tagging_Helper_Account $accountHelper */
$accountHelper = Mage::helper('nosto_tagging/account');
$store = $this->getSelectedStore();
$account = !is_null($store) ? $accountHelper->find($store) : null;
if ($this->getRequest()->isPost() && !is_null($store) && !is_null($account)) {
/** @var Nosto_Tagging_Model_Meta_Oauth $meta */
$meta = new Nosto_Tagging_Model_Meta_Oauth();
$meta->loadData($store, $account);
$client = new NostoOAuthClient($meta);
$responseBody = array('success' => true, 'redirect_url' => $client->getAuthorizationUrl());
}
if (!isset($responseBody)) {
$responseBody = array('success' => false, 'redirect_url' => $accountHelper->getIframeUrl($store, $account, array('message_type' => NostoMessage::TYPE_ERROR, 'message_code' => NostoMessage::CODE_ACCOUNT_CONNECT)));
}
$this->getResponse()->setBody(json_encode($responseBody));
}
/**
* Redirects user to the Nosto OAuth 2 authorization server to connect and
* existing nosto account to current scope.
*/
public function connectAccountAction()
{
$this->getResponse()->setHeader('Content-type', 'application/json');
$store = $this->getSelectedStore();
if ($this->getRequest()->isPost() && $store !== null) {
$client = new NostoOAuthClient(Mage::helper('nosto_tagging/oauth')->getMetaData($store));
$responseBody = array('success' => true, 'redirect_url' => $client->getAuthorizationUrl());
}
if (!isset($responseBody)) {
/** @var Nosto_Tagging_Helper_Account $accountHelper */
$accountHelper = Mage::helper('nosto_tagging/account');
$responseBody = array('success' => false, 'redirect_url' => $accountHelper->getIframeUrl($store, null, array('message_type' => NostoMessage::TYPE_ERROR, 'message_code' => NostoMessage::CODE_ACCOUNT_CONNECT)));
}
$this->getResponse()->setBody(json_encode($responseBody));
}
/**
* Syncs an existing Nosto account via OAuth.
*
* Requires that the OAuth cycle has already completed the first step in getting the authorization code.
*
* @param NostoOauthClientMetaInterface $meta the OAuth client meta data to use for connection to Nosto.
* @param string $authCode the authorization code that grants access to transfer data from Nosto.
* @return NostoAccount the synced account.
*
* @throws NostoException on failure.
*/
public function sync(NostoOauthClientMetaInterface $meta, $authCode)
{
$oauthClient = new NostoOAuthClient($meta);
$token = $oauthClient->authenticate($authCode);
$request = new NostoHttpRequest();
// The request is currently not made according the the OAuth2 spec with the access token in the
// Authorization header. This is due to the authentication server not implementing the full OAuth2 spec yet.
$request->setUrl(NostoOAuthClient::$baseUrl . '/exchange');
$request->setQueryParams(array('access_token' => $token->getAccessToken()));
$response = $request->get();
if ($response->getCode() !== 200) {
throw Nosto::createHttpException('Failed to send account sync to Nosto.', $request, $response);
}
$result = $response->getJsonResult(true);
$account = new NostoAccount($token->getMerchantName());
$tokens = NostoApiToken::parseTokens($result, 'api_');
foreach ($tokens as $token) {
$account->addApiToken($token);
}
if (!$account->isConnectedToNosto()) {
throw new NostoException('Failed to sync all account details from Nosto. Unknown error.');
}
return $account;
}
