/** * Returns the PayPal URL to which the user must be redirected to * start the authentication / authorization process. * * @param string $redirectUri Uri on merchant website to where * the user must be redirected to post paypal login * @param array $scope The access privilges that you are requesting for * from the user. Pass empty array for all scopes. * @param string $clientId client id from developer portal * See https://developer.paypal.com/webapps/developer/docs/integration/direct/log-in-with-paypal/detailed/#attributes for more * @param PPApiContext $apiContext Optional API Context */ public static function getAuthorizationUrl($redirectUri, $scope, $clientId, $nonce = null, $state = null, $apiContext = null) { if (is_null($apiContext)) { $apiContext = new PPApiContext(); } $config = $apiContext->getConfig(); if ($apiContext->get($clientId) !== false) { $clientId = $apiContext->get($clientId); } $scope = count($scope) != 0 ? $scope : array('openid', 'profile', 'address', 'email', 'phone', 'https://uri.paypal.com/services/paypalattributes', 'https://uri.paypal.com/services/expresscheckout'); if (!in_array('openid', $scope)) { $scope[] = 'openid'; } $params = array('client_id' => $clientId, 'response_type' => 'code', 'scope' => implode(" ", $scope), 'redirect_uri' => $redirectUri); if ($nonce) { $params['nonce'] = $nonce; } if ($state) { $params['state'] = $state; } return sprintf("%s/v1/authorize?%s", self::getBaseUrl($config), http_build_query($params)); }
/** * Creates an Access Token from an Authorization Code. * * @path /v1/identity/openidconnect/tokenservice * @method POST * * @param array $params (allowed values are client_id, client_secret, grant_type, code and redirect_uri) * (required) client_id from developer portal * (required) client_secret from developer portal * (required) code is Authorization code previously received from the authorization server * (required) redirect_uri Redirection endpoint that must match the one provided during the * authorization request that ended in receiving the authorization code. * (optional) grant_type is the Token grant type. Defaults to authorization_code * @param PPApiContext $apiContext Optional API Context * * @return PPOpenIdTokeninfo */ public static function createFromAuthorizationCode($params, $clientId, $clientSecret, $apiContext = null) { static $allowedParams = array('grant_type' => 1, 'code' => 1, 'redirect_uri' => 1); if (is_null($apiContext)) { $apiContext = new PPApiContext(); } $config = $apiContext->getConfig(); if ($apiContext->get($clientId) !== false) { $clientId = $apiContext->get($clientId); } if ($apiContext->get($clientSecret) !== false) { $clientSecret = $apiContext->get($clientSecret); } if (!array_key_exists('grant_type', $params)) { $params['grant_type'] = 'authorization_code'; } $call = new PPRestCall($apiContext); $token = new PPOpenIdTokeninfo(); $token->fromJson($call->execute(array(new PPOpenIdHandler()), "/v1/identity/openidconnect/tokenservice", "POST", http_build_query(array_intersect_key($params, $allowedParams)), array('Content-Type' => 'application/x-www-form-urlencoded', 'Authorization' => 'Basic ' . base64_encode($clientId . ":" . $clientSecret)))); return $token; }