protected function _http($Context, $url_path, $raw_body)
{
$method = 'GET';
if ($raw_body) {
$method = 'POST';
}
$url = $this->_getBaseURL() . $url_path;
$authcreds = $Context->authcreds();
$params = array();
$OAuth = new QuickBooks_IPP_OAuth($this->_oauth_consumer_key, $this->_oauth_consumer_secret);
$signed = $OAuth->sign($method, $url, $authcreds['oauth_access_token'], $authcreds['oauth_access_token_secret'], $params);
//print_r($signed);
$HTTP = new QuickBooks_HTTP($signed[2]);
$headers = array('Content-Type' => 'application/json', 'Request-Id' => QuickBooks_Utilities::GUID());
$HTTP->setHeaders($headers);
// Turn on debugging for the HTTP object if it's been enabled in the payment processor
$HTTP->useDebugMode($this->_debug);
//
$HTTP->setRawBody($raw_body);
$HTTP->verifyHost(false);
$HTTP->verifyPeer(false);
if ($method == 'POST') {
$return = $HTTP->POST();
} else {
if ($method == 'GET') {
$return = $HTTP->GET();
} else {
$return = null;
// ERROR
}
}
$this->_last_request = $HTTP->lastRequest();
$this->_last_response = $HTTP->lastResponse();
//
$this->log($HTTP->getLog(), QUICKBOOKS_LOG_DEBUG);
$info = $HTTP->lastInfo();
print "Info: ";
print_r($info);
$errnum = $HTTP->errorNumber();
$errmsg = $HTTP->errorMessage();
if ($errnum) {
// An error occurred!
$this->_setError(QuickBooks_Payments::ERROR_HTTP, $errnum . ': ' . $errmsg);
return false;
}
if ($info['http_code'] == 401) {
$this->_setError(QuickBooks_Payments::ERROR_AUTH, 'Payments return a 401 Unauthorized status.');
return false;
}
// Everything is good, return the data!
$this->_setError(QuickBooks_Payments::ERROR_OK, '');
return $return;
}
/**
*
*
* @param string $xml
* @param integer $errnum
* @param string $errmsg
* @return string
*/
protected function _request($xml, &$errnum, &$errmsg)
{
$HTTP = new QuickBooks_HTTP($this->_gateway());
$headers = array('Content-Type' => 'application/x-qbmsxml');
$HTTP->setHeaders($headers);
// Turn on debugging for the HTTP object if it's been enabled in the payment processor
$HTTP->useDebugMode($this->_debug);
//
$HTTP->setRawBody($xml);
$HTTP->verifyHost(false);
$HTTP->verifyPeer(false);
if ($this->_certificate) {
$HTTP->setCertificate($this->_certificate);
}
$return = $HTTP->POST();
$this->_last_request = $HTTP->lastRequest();
$this->_last_response = $HTTP->lastResponse();
//
$this->_log($HTTP->getLog(), QUICKBOOKS_LOG_DEBUG);
$errnum = $HTTP->errorNumber();
$errmsg = $HTTP->errorMessage();
if ($errnum) {
// An error occurred!
$this->_setError(QuickBooks_MerchantService::ERROR_HTTP, $errnum . ': ' . $errmsg);
return false;
}
// Everything is good, return the data!
$this->_setError(QuickBooks_MerchantService::ERROR_OK, '');
return $return;
}
protected function _request($Context, $type, $url, $action, $data, $post = true)
{
$headers = array();
//print('[' . $this->_flavor . '], ACTION [' . $action . ']');
if ($Context->IPP()->version() == QuickBooks_IPP_IDS::VERSION_3) {
if ($action == QuickBooks_IPP_IDS::OPTYPE_ADD or $action == QuickBooks_IPP_IDS::OPTYPE_MOD or $action == QuickBooks_IPP_IDS::OPTYPE_VOID or $action == QuickBooks_IPP_IDS::OPTYPE_DELETE) {
$headers['Content-Type'] = 'application/xml';
} else {
$headers['Content-Type'] = 'text/plain';
}
} else {
// Old v2 stuff
if ($type == QuickBooks_IPP::REQUEST_IPP) {
$headers['Content-Type'] = 'application/xml';
$headers['QUICKBASE-ACTION'] = $action;
} else {
if ($type == QuickBooks_IPP::REQUEST_IDS) {
if ($this->_flavor == QuickBooks_IPP_IDS::FLAVOR_DESKTOP) {
$headers['Content-Type'] = 'text/xml';
} else {
if ($this->_flavor == QuickBooks_IPP_IDS::FLAVOR_ONLINE) {
if ($action == QuickBooks_IPP_IDS::OPTYPE_ADD or $action == QuickBooks_IPP_IDS::OPTYPE_MOD or $action == QuickBooks_IPP_IDS::OPTYPE_DELETE) {
$headers['Content-Type'] = 'application/xml';
} else {
$headers['Content-Type'] = 'application/x-www-form-urlencoded';
}
}
}
}
}
}
// Authorization stuff
if ($this->_authmode == QuickBooks_IPP::AUTHMODE_OAUTH) {
// If we have credentials, sign the request
if ($this->_authcred['oauth_access_token'] and $this->_authcred['oauth_access_token_secret']) {
/*
//// **** TEST STUFF **** ////
$url = 'https://api.twitter.com/1/statuses/update.json?include_entities=true';
$this->_authcred['oauth_consumer_key'] = 'xvz1evFS4wEEPTGEFPHBog';
$this->_authcred['oauth_consumer_secret'] = 'kAcSOqF21Fu85e7zjz7ZN2U4ZRhfV3WpwPAoE3Z7kBw';
$this->_authcred['oauth_access_token'] = '370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb';
$this->_authcred['oauth_access_token_secret'] = 'LswwdoUaIvS8ltyTt5jkRh4J50vUPVVHtR2YPi5kE';
$data = http_build_query(array('status' => 'Hello Ladies + Gentlemen, a signed OAuth request!'));
$post = true;
*/
//print('URL [' . $url . ']' . "\n");
//print('what is POST [' . $post . ']' . "\n");
// Sign the request
$OAuth = new QuickBooks_IPP_OAuth($this->_authcred['oauth_consumer_key'], $this->_authcred['oauth_consumer_secret']);
// Different than default signature method?
if ($this->_authsign) {
$OAuth->signature($this->_authsign, $this->_authkey);
}
//print('signing with method and key ' . $this->_authsign . ', ' . $this->_authkey);
if ($post) {
$action = QuickBooks_IPP_OAuth::METHOD_POST;
} else {
$action = QuickBooks_IPP_OAuth::METHOD_GET;
}
$signdata = null;
if ($data and $data[0] == '<') {
// It's an XML body, we don't sign that
$signdata = null;
} else {
// It's form-encoded data, parse it so we can sign it
$signdata = array();
parse_str($data, $signdata);
}
/*
print('signing [');
print($action . "\n");
print($url . "\n");
print_r($this->_authcred);
print('[[' . $signdata . ']]');
print(' all done ]');
*/
$signed = $OAuth->sign($action, $url, $this->_authcred['oauth_access_token'], $this->_authcred['oauth_access_token_secret'], $signdata);
//print_r($signed);
// Always use the header, regardless of POST or GET
$headers['Authorization'] = $signed[3];
if ($post) {
// Add the OAuth headers
//$headers['Authorization'] = $signed[3];
// Remove any whitespace padding before checking
$data = trim($data);
if ($data and $data[0] == '<') {
// Do nothing
} else {
$data = http_build_query($signdata);
}
} else {
// Replace the URL with the signed URL
//$url = $signed[2];
}
}
} else {
if (is_object($Context)) {
// FEDERATED authentication
$headers['Authorization'] = 'INTUITAUTH intuit-app-token="' . $Context->token() . '", intuit-token="' . $Context->ticket() . '"';
$headers['Cookie'] = $this->cookies(true);
}
}
//print_r($headers);
//exit;
//$url = str_replace("SELECT * FROM customer", "SELECT+*+FROM+customer", $url);
//print('NEW URL [' . $url . ']' . "\n\n");
// Our HTTP requestor
$HTTP = new QuickBooks_HTTP($url);
// Set the headers
$HTTP->setHeaders($headers);
// Turn on debugging for the HTTP object if it's been enabled in the payment processor
$HTTP->useDebugMode($this->_debug);
//
$HTTP->setRawBody($data);
$HTTP->verifyHost(false);
$HTTP->verifyPeer(false);
if ($this->_certificate) {
$HTTP->setCertificate($this->_certificate);
}
// We need the headers back
$HTTP->returnHeaders(true);
// Send the request
if ($post) {
$return = $HTTP->POST();
} else {
$return = $HTTP->GET();
}
$this->_setLastRequestResponse($HTTP->lastRequest(), $HTTP->lastResponse());
$this->_setLastDebug(__CLASS__, array('http_request_response_duration' => $HTTP->lastDuration()));
//$this->_last_request = $HTTP->lastRequest();
//$this->_last_response = $HTTP->lastResponse();
//print($HTTP->getLog());
/*
print("\n\n\n\n");
print($this->_last_request);
print("\n\n\n\n");
print($this->_last_response);
print("\n\n\n\n");
exit;
*/
//
$this->_log($HTTP->getLog(), QUICKBOOKS_LOG_DEBUG);
$errnum = $HTTP->errorNumber();
$errmsg = $HTTP->errorMessage();
if ($errnum) {
// An error occurred!
$this->_setError(QuickBooks_IPP::ERROR_HTTP, $errnum . ': ' . $errmsg);
return false;
}
// Everything is good, return the data!
$this->_setError(QuickBooks_IPP::ERROR_OK, '');
return $return;
}
/**
* Fetch OAuth tokens with the data provided to you in the SAML request
*
* Federated applications can use OAuth for unattended access to IDS data.
* (i.e. access data even if the user isn't logged in) Before you start
* using this, you have to make sure Intuit onboards you for OAuth access.
*
* @param string $provider Your federated provider id (Intuit should have given you this)
* @param string $token Your application token
* @param string $key The full path to your .pem file (e.g. /path/to/file.pem)
* @param string $user The username or user ID of the authenticating user
* @param string $tenant The tenant ID of the authenticating user
* @param string $auth_id_pseudonym The Auth ID Pseudonym extracted from the SAML message
* @param string $realm_id_pseudonym The Realm ID Pseudonym extracted from the SAML message
* @return boolean
*/
public function connectOAuth($provider, $token, $pem_key, $encryption_key, $app_username, $app_tenant, $auth_id_pseudonym, $realm_id_pseudonym, $realm, $flavor)
{
if (!$this->_driver) {
$this->_log('Could not connect to OAuth, no DRIVER storage instance.');
return false;
}
$url = QuickBooks_IPP_Federator::URL_OAUTH;
// First we need to push the request data into the OAuth storage
$this->_driver->oauthRequestWrite($app_username, $app_tenant, $auth_id_pseudonym, $realm_id_pseudonym);
$params = array('xoauth_service_provider_id' => $provider, 'xoauth_auth_id_pseudonym' => $auth_id_pseudonym, 'xoauth_realm_id_pseudonym' => $realm_id_pseudonym);
// Create our OAuth instance class
$OAuth = new QuickBooks_IPP_OAuth($token, '');
// There is no consumer secret
$OAuth->signature(QuickBooks_IPP_OAuth::SIGNATURE_RSA, $pem_key);
// Sign the request
$sign = $OAuth->sign(QuickBooks_IPP_OAuth::METHOD_GET, $url, null, null, $params);
// Now make our HTTP request to get the OAuth tokens
$HTTP = new QuickBooks_HTTP($sign[2]);
$HTTP->verifyHost(false);
$HTTP->verifyPeer(false);
$HTTP->useDebugMode($this->_debug);
$data = $HTTP->GET();
$this->_log('OAuth HTTP request: [' . $HTTP->lastRequest() . ']');
$this->_log('OAuth HTTP response: [' . $HTTP->lastResponse() . ']');
if ($data) {
$tmp = array();
parse_str($data, $tmp);
if (!empty($tmp['oauth_token']) and !empty($tmp['oauth_token_secret'])) {
// Store the OAuth tokens
$this->_log('Storing OAuth tokens...');
return $this->_driver->oauthAccessWrite($encryption_key, $auth_id_pseudonym, $tmp['oauth_token'], $tmp['oauth_token_secret'], $realm, $flavor);
}
}
return false;
}