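/**
 * Renders the config field. When the selected store's Nosto account is missing
 * any of the required API tokens, the field is disabled and a comment with a
 * link for re-connecting the account through OAuth is attached to it.
 *
 * @param Varien_Data_Form_Element_Abstract $element the form element being rendered.
 * @return mixed whatever parent::_getElementHtml() returns for the element.
 */
protected function _getElementHtml(Varien_Data_Form_Element_Abstract $element)
{
    $store = null;
    // Initialised up front so the variable is always defined when it is read below.
    $nostoAccount = null;
    $disabled = false;

    // The store code comes straight from the request; it is only used to look up a store model.
    $code = $this->getRequest()->getParam('store');
    if ($code) {
        $store = Mage::getModel('core/store')->load($code);
    }

    if ($store instanceof Mage_Core_Model_Store) {
        /* @var Nosto_Tagging_Helper_Account $accountHelper */
        $accountHelper = Mage::helper('nosto_tagging/account');
        /* @var NostoAccount $nostoAccount */
        $nostoAccount = $accountHelper->find($store);
        if ($nostoAccount instanceof NostoAccountInterface) {
            // One missing token is enough to lock the field.
            foreach (NostoApiToken::getApiTokenNames() as $token) {
                if (!$nostoAccount->getApiToken($token)) {
                    $disabled = true;
                    break;
                }
            }
        }
    }

    if ($disabled === true) {
        /** @noinspection PhpUndefinedMethodInspection */
        $element->setDisabled('disabled');
        $metaOauth = new Nosto_Tagging_Model_Meta_Oauth();
        $metaOauth->loadData($store, $nostoAccount);
        $client = new NostoOAuthClient($metaOauth);
        // The comment is emitted as raw HTML (it carries an anchor), so the URL is
        // encoded for the attribute context: its query string contains "&" and is
        // partly built from configuration values.
        $authorizationUrl = htmlspecialchars($client->getAuthorizationUrl(), ENT_QUOTES, 'UTF-8');
        $comment = sprintf('Your Nosto account is missing required tokens' . ' for updating settings to Nosto. Please click <a href="%s">' . ' here to re-connect</a> your account.', $authorizationUrl);
        $element->setData('comment', $comment);
    }

    return parent::_getElementHtml($element);
}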
/**
 * Exercises the account sync flow against the mock server.
 *
 * Syncing uses the OAuth2 Authorization Code grant. Only the steps of the
 * request cycle that the SDK drives are covered: building the authorize URL
 * and exchanging a code for an account with its API tokens.
 */
public function testSyncingExistingAccount()
{
    $metaData = new NostoOAuthClientMetaData();
    $oauthClient = new NostoOAuthClient($metaData);

    // NOTE(review): the expected URL pins the parameters the client emits:
    // client_id, redirect_uri, response_type, scope and lang. There is no
    // "state" parameter, which RFC 6749 section 10.12 recommends for binding the
    // redirect to the user's session; confirm the callback is protected against
    // CSRF some other way. The scope value also carries an unencoded space.
    $this->specify('oauth authorize url can be created', function () use ($oauthClient) {
        $expectedUrl = 'http://localhost:3000?client_id=client-id&redirect_uri=http%3A%2F%2Fmy.shop.com%2Fnosto%2Foauth&response_type=code&scope=sso products&lang=en';
        $this->assertEquals($expectedUrl, $oauthClient->getAuthorizationUrl());
    });

    $syncedAccount = NostoAccount::syncFromNosto($metaData, 'test123');

    $this->specify('account was created', function () use ($syncedAccount) {
        $this->assertInstanceOf('NostoAccount', $syncedAccount);
        $this->assertEquals('platform-00000000', $syncedAccount->getName());
    });

    // Same three assertions for each token the sync is expected to deliver.
    foreach (array('sso', 'products') as $tokenName) {
        $this->specify('account has api token ' . $tokenName, function () use ($syncedAccount, $tokenName) {
            $apiToken = $syncedAccount->getApiToken($tokenName);
            $this->assertInstanceOf('NostoApiToken', $apiToken);
            $this->assertEquals($tokenName, $apiToken->getName());
            $this->assertNotEmpty($apiToken->getValue());
        });
    }

    $this->specify('account is connected to nosto', function () use ($syncedAccount) {
        $this->assertTrue($syncedAccount->isConnectedToNosto());
    });
}
/**
 * Checks that the OAuth client refuses to authenticate when the authorization
 * code is an empty string.
 */
public function testOauthAuthenticateWithoutCode()
{
    $oauthClient = new NostoOAuthClient(new NostoOAuthClientMetaData());

    $this->specify('failed oauth authenticate', function () use ($oauthClient) {
        // The expectation has to be registered before the failing call.
        $this->setExpectedException('NostoException');
        $oauthClient->authenticate('');
    });
}
/**
 * Builds the JSON payload that tells the caller where to send the browser to
 * start the Nosto OAuth authorization for the store named in the request.
 *
 * NOTE(review): nothing in this method restricts the HTTP verb or checks
 * permissions; presumably the enclosing controller does. Confirm.
 *
 * @return Json
 */
public function execute()
{
    // Request-supplied store id, used only to resolve a store.
    $storeId = $this->_request->getParam('store');
    /** @var Store $store */
    $store = $this->_storeManager->getStore($storeId);

    if ($store === null) {
        return $this->_result->setData(['success' => false]);
    }

    $metaData = $this->_oauthMetaBuilder->build($store);
    $client = new \NostoOAuthClient($metaData);

    return $this->_result->setData([
        'success' => true,
        'redirect_url' => $client->getAuthorizationUrl(),
    ]);
}
// SDK classes, loaded eagerly in a fixed order.
require_once dirname(__FILE__) . '/classes/Nosto.php';
require_once dirname(__FILE__) . '/classes/NostoAccount.php';
require_once dirname(__FILE__) . '/classes/NostoAccountMeta.php';
require_once dirname(__FILE__) . '/classes/NostoCipher.php';
require_once dirname(__FILE__) . '/classes/NostoDotEnv.php';
require_once dirname(__FILE__) . '/classes/NostoMessage.php';
require_once dirname(__FILE__) . '/classes/NostoOrderConfirmation.php';
require_once dirname(__FILE__) . '/classes/NostoProductReCrawl.php';
require_once dirname(__FILE__) . '/classes/NostoValidator.php';
require_once dirname(__FILE__) . '/classes/NostoExchangeRate.php';
require_once dirname(__FILE__) . '/classes/NostoCurrency.php';
require_once dirname(__FILE__) . '/classes/NostoCurrencyCode.php';
require_once dirname(__FILE__) . '/classes/NostoCurrencySymbol.php';
require_once dirname(__FILE__) . '/classes/NostoCurrencyFormat.php';
require_once dirname(__FILE__) . '/classes/NostoCurrencyInfo.php';

// Bundled phpseclib crypto classes under Nosto-prefixed file names.
// NOTE(review): a vendored crypto library does not receive upstream security
// fixes automatically; track the bundled version against phpseclib releases.
require_once dirname(__FILE__) . '/libs/phpseclib/crypt/NostoCryptBase.php';
require_once dirname(__FILE__) . '/libs/phpseclib/crypt/NostoCryptRijndael.php';
require_once dirname(__FILE__) . '/libs/phpseclib/crypt/NostoCryptAES.php';
require_once dirname(__FILE__) . '/libs/phpseclib/crypt/NostoCryptRandom.php';

// Load a .env file, if one exists, and apply the endpoint overrides it defines.
// NOTE(review): each override is assigned as-is, with no scheme or host check
// visible here. Whoever can write the .env file or the process environment
// decides where API, OAuth and web hook traffic is sent, so keep that file
// non-writable by the web user and, presumably, outside the served document
// root (verify where NostoDotEnv looks for it).
NostoDotEnv::getInstance()->init(dirname(__FILE__));

if (isset($_ENV['NOSTO_API_BASE_URL'])) {
    NostoApiRequest::$baseUrl = $_ENV['NOSTO_API_BASE_URL'];
}

if (isset($_ENV['NOSTO_OAUTH_BASE_URL'])) {
    NostoOAuthClient::$baseUrl = $_ENV['NOSTO_OAUTH_BASE_URL'];
}

if (isset($_ENV['NOSTO_WEB_HOOK_BASE_URL'])) {
    NostoHttpRequest::$baseUrl = $_ENV['NOSTO_WEB_HOOK_BASE_URL'];
}
* and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the copyright holder nor the names of its contributors
 * may be used to endorse or promote products derived from this software without
 * specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 * @author Nosto Solutions Ltd <*****@*****.**>
 * @copyright 2016 Nosto Solutions Ltd
 * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause
 *
 */

// Global bootstrap for the test run: fixes the timezone and loads the SDK.
date_default_timezone_set('Europe/Helsinki');

// Load every SDK class up front.
require_once dirname(__FILE__) . '/../src/config.inc.php';

// Point the API, OAuth and web hook clients at the local mock server.
// These are class-level statics, so the plain-HTTP endpoint applies to every
// request made in this process; the assignment belongs in the test bootstrap only.
NostoApiRequest::$baseUrl = NostoOAuthClient::$baseUrl = NostoHttpRequest::$baseUrl = 'http://localhost:3000';
NostoHttpRequest::buildUserAgent('PHPUnit', '1.0.0', '1.0.0');
/**
 * @inheritdoc
 */
public static function syncFromNosto(NostoOAuthClientMetaDataInterface $meta, $code)
{
    // Exchange the authorization code for an access token.
    $client = new NostoOAuthClient($meta);
    $oauthToken = $client->authenticate($code);

    if (empty($oauthToken->accessToken)) {
        throw new NostoException('No access token found when trying to sync account from Nosto');
    }
    if (empty($oauthToken->merchantName)) {
        throw new NostoException('No merchant name found when trying to sync account from Nosto');
    }

    // The access token travels as a query parameter rather than in the
    // Authorization header the OAuth2 spec calls for, because the authentication
    // server does not implement the full spec yet.
    // NOTE(review): a token in the URL can end up in server and proxy access
    // logs, and its confidentiality in transit depends on
    // NostoOAuthClient::$baseUrl being an https URL. Presumably the HTTP
    // exception raised below carries request details; verify that the token is
    // not written to application logs through it.
    $exchangeRequest = new NostoHttpRequest();
    $exchangeRequest->setUrl(NostoOAuthClient::$baseUrl . '/exchange');
    $exchangeRequest->setQueryParams(array('access_token' => $oauthToken->accessToken));

    $exchangeResponse = $exchangeRequest->get();
    $payload = $exchangeResponse->getJsonResult(true);

    if ($exchangeResponse->getCode() !== 200) {
        Nosto::throwHttpException('Failed to sync account from Nosto.', $exchangeRequest, $exchangeResponse);
    }
    if (empty($payload)) {
        throw new NostoException('Received invalid data from Nosto when trying to sync account');
    }

    // Build the account from the merchant name and the "api_"-prefixed tokens.
    $syncedAccount = new self($oauthToken->merchantName);
    $syncedAccount->tokens = NostoApiToken::parseTokens($payload, 'api_');

    if (!$syncedAccount->isConnectedToNosto()) {
        throw new NostoException('Failed to sync all account details from Nosto');
    }

    return $syncedAccount;
}
/**
 * Responds with JSON carrying the URL the browser should be sent to: the Nosto
 * OAuth 2 authorization server, so that missing scopes (API tokens) can be
 * fetched for an account, or an error iframe URL when the request is not a
 * POST or no store/account could be resolved.
 */
public function syncAccountAction()
{
    $this->getResponse()->setHeader('Content-type', 'application/json', true);

    /** @var Nosto_Tagging_Helper_Account $accountHelper */
    $accountHelper = Mage::helper('nosto_tagging/account');
    $store = $this->getSelectedStore();

    // The account lookup only makes sense once a store has been resolved.
    $account = null;
    if ($store !== null) {
        $account = $accountHelper->find($store);
    }

    if ($this->getRequest()->isPost() && $store !== null && $account !== null) {
        /** @var Nosto_Tagging_Model_Meta_Oauth $meta */
        $meta = new Nosto_Tagging_Model_Meta_Oauth();
        $meta->loadData($store, $account);
        $client = new NostoOAuthClient($meta);
        $payload = array(
            'success' => true,
            'redirect_url' => $client->getAuthorizationUrl(),
        );
    } else {
        // Anything other than a POST with a known store and account gets the error view.
        $errorParams = array(
            'message_type' => NostoMessage::TYPE_ERROR,
            'message_code' => NostoMessage::CODE_ACCOUNT_CONNECT,
        );
        $payload = array(
            'success' => false,
            'redirect_url' => $accountHelper->getIframeUrl($store, $account, $errorParams),
        );
    }

    $this->getResponse()->setBody(json_encode($payload));
}
/**
 * Responds with JSON carrying the URL the browser should be sent to: the Nosto
 * OAuth 2 authorization server, to connect an existing Nosto account to the
 * current scope, or an error iframe URL when the request is not a POST or no
 * store is selected.
 */
public function connectAccountAction()
{
    $this->getResponse()->setHeader('Content-type', 'application/json');

    $store = $this->getSelectedStore();

    if ($this->getRequest()->isPost() && $store !== null) {
        $oauthMeta = Mage::helper('nosto_tagging/oauth')->getMetaData($store);
        $client = new NostoOAuthClient($oauthMeta);
        $payload = array(
            'success' => true,
            'redirect_url' => $client->getAuthorizationUrl(),
        );
    } else {
        /** @var Nosto_Tagging_Helper_Account $accountHelper */
        $accountHelper = Mage::helper('nosto_tagging/account');
        $errorParams = array(
            'message_type' => NostoMessage::TYPE_ERROR,
            'message_code' => NostoMessage::CODE_ACCOUNT_CONNECT,
        );
        $payload = array(
            'success' => false,
            'redirect_url' => $accountHelper->getIframeUrl($store, null, $errorParams),
        );
    }

    $this->getResponse()->setBody(json_encode($payload));
}
/**
 * Syncs an existing Nosto account via OAuth.
 *
 * The first step of the OAuth cycle, obtaining the authorization code, must
 * already have been completed by the caller.
 *
 * @param NostoOauthClientMetaInterface $meta the OAuth client meta data to use for connection to Nosto.
 * @param string $authCode the authorization code that grants access to transfer data from Nosto.
 * @return NostoAccount the synced account.
 *
 * @throws NostoException on failure.
 */
public function sync(NostoOauthClientMetaInterface $meta, $authCode)
{
    // Exchange the authorization code for an access token.
    $client = new NostoOAuthClient($meta);
    $oauthToken = $client->authenticate($authCode);

    // The access token travels as a query parameter rather than in the
    // Authorization header the OAuth2 spec calls for, because the authentication
    // server does not implement the full spec yet.
    // NOTE(review): a token in the URL can end up in server and proxy access
    // logs, and its confidentiality in transit depends on
    // NostoOAuthClient::$baseUrl being an https URL. Presumably the HTTP
    // exception created below carries request details; verify that the token is
    // not written to application logs through it.
    $exchangeRequest = new NostoHttpRequest();
    $exchangeRequest->setUrl(NostoOAuthClient::$baseUrl . '/exchange');
    $exchangeRequest->setQueryParams(array('access_token' => $oauthToken->getAccessToken()));

    $exchangeResponse = $exchangeRequest->get();
    if ($exchangeResponse->getCode() !== 200) {
        throw Nosto::createHttpException('Failed to send account sync to Nosto.', $exchangeRequest, $exchangeResponse);
    }

    // NOTE(review): the decoded body is passed on without a shape check here;
    // an unusable body is only caught by the isConnectedToNosto() test below.
    $payload = $exchangeResponse->getJsonResult(true);

    // Build the account from the merchant name and the "api_"-prefixed tokens.
    $syncedAccount = new NostoAccount($oauthToken->getMerchantName());
    foreach (NostoApiToken::parseTokens($payload, 'api_') as $apiToken) {
        $syncedAccount->addApiToken($apiToken);
    }

    if (!$syncedAccount->isConnectedToNosto()) {
        throw new NostoException('Failed to sync all account details from Nosto. Unknown error.');
    }

    return $syncedAccount;
}