/**
 * Handle the OAuth request-token endpoint.
 *
 * Builds the OAuth parameter set from the incoming HTTP request, asks the OAuth service for a
 * request token and writes the outcome to the response body as a URL-encoded query string.
 * An exception raised while doing so is turned into an error payload by the helper and is
 * not rethrown.
 *
 * @return void
 */
public function execute()
{
    try {
        $endpointUrl = $this->_helper->getRequestUrl($this->getRequest());
        $oauthParams = $this->_helper->prepareRequest($this->getRequest(), $endpointUrl);
        $httpMethod = $this->getRequest()->getMethod();

        // The URL and HTTP method are handed to the service together with the OAuth parameters.
        $payload = $this->_oauthService->getRequestToken($oauthParams, $endpointUrl, $httpMethod);
    } catch (\Exception $failure) {
        // NOTE(review): the client-visible error text is whatever prepareErrorResponse() derives
        // from the exception; confirm it does not expose internal details.
        $payload = $this->_helper->prepareErrorResponse($failure, $this->getResponse());
    }

    $httpResponse = $this->getResponse();
    $httpResponse->setBody(http_build_query($payload));
}
/**
 * {@inheritdoc}
 *
 * Resolves the integration ID behind the current OAuth request. A truthy result is cached on
 * the instance; a request without OAuth parameters yields null without any token validation.
 */
public function getUserId()
{
    // Reuse the ID resolved by an earlier call; a falsy cached value is resolved again.
    if ($this->integrationId) {
        return $this->integrationId;
    }

    $oauthParams = $this->oauthHelper->prepareRequest($this->request);
    if (empty($oauthParams)) {
        // Not an OAuth request, so there is no consumer to look up.
        return null;
    }

    $requestUrl = $this->oauthHelper->getRequestUrl($this->request);
    $httpMethod = $this->request->getMethod();
    // NOTE(review): presumably throws when the access token is invalid; confirm in the service.
    $consumerId = $this->oauthService->validateAccessTokenRequest($oauthParams, $requestUrl, $httpMethod);

    // Only an active integration is looked up for the validated consumer.
    $integration = $this->integrationService->findActiveIntegrationByConsumerId($consumerId);
    if ($integration->getId()) {
        $this->integrationId = (int) $integration->getId();
    } else {
        $this->integrationId = null;
    }

    return $this->integrationId;
}
/**
 * Handle the OAuth access-token endpoint.
 *
 * Exchanges a pre-authorized request token for an access token and, once the exchange has
 * returned, marks the integration that owns the consumer key as active. The outcome is written
 * to the response body as a URL-encoded query string.
 *
 * @return void
 */
public function execute()
{
    try {
        $endpointUrl = $this->_helper->getRequestUrl($this->getRequest());
        $oauthParams = $this->_helper->prepareRequest($this->getRequest(), $endpointUrl);
        $httpMethod = $this->getRequest()->getMethod();

        // Exchange the pre-authorized token for an access token.
        $payload = $this->_oauthService->getAccessToken($oauthParams, $endpointUrl, $httpMethod);

        // Activation runs only after the exchange call returned without throwing.
        $consumer = $this->_intOauthService->loadConsumerByKey($oauthParams['oauth_consumer_key']);
        $integration = $this->_integrationService->findByConsumerId($consumer->getId());
        $integration->setStatus(IntegrationModel::STATUS_ACTIVE)->save();
    } catch (\Exception $failure) {
        // A failure in the activation step also lands here, so the token payload obtained above
        // is replaced by the error payload and never reaches the client.
        $payload = $this->_helper->prepareErrorResponse($failure, $this->getResponse());
    }

    $httpResponse = $this->getResponse();
    $httpResponse->setBody(http_build_query($payload));
}
/**
 * Authenticate the caller and check it against the ACL resources of the current route.
 *
 * A caller is identified either by an existing customer/guest session or, when the session
 * carries no user type, by the OAuth data of the request.
 *
 * @throws \Magento\Framework\Exception\AuthorizationException
 * @return void
 */
protected function _checkPermissions()
{
    /**
     * Mobile clients are expected to send the session cookie with every request so that the
     * session starts automatically. User ID and user type are set on the session by the login call.
     */
    $sessionUserId = $this->session->getUserId();
    $sessionUserType = $this->session->getUserType();
    $identity = null;

    if (!$sessionUserType) {
        // No session identity: the request has to pass OAuth access-token validation.
        // NOTE(review): presumably validateAccessTokenRequest() throws on an invalid token; confirm.
        $oauthParams = $this->_oauthHelper->prepareRequest($this->_request);
        $requestUrl = $this->_oauthHelper->getRequestUrl($this->_request);
        $httpMethod = $this->_request->getMethod();
        $consumerId = $this->_oauthService->validateAccessTokenRequest($oauthParams, $requestUrl, $httpMethod);
        $this->_request->setConsumerId($consumerId);
    } else {
        // Session identity: no OAuth validation is performed on this path.
        /** @var \Magento\Authz\Model\UserIdentifier $identity */
        $identity = $this->_objectManager->create(
            'Magento\\Authz\\Model\\UserIdentifier',
            ['userType' => $sessionUserType, 'userId' => $sessionUserId]
        );
    }

    $route = $this->_getCurrentRoute();
    $requiredResources = $route->getAclResources();

    // On the OAuth path $identity is still null here.
    // NOTE(review): how isAllowed() identifies the consumer in that case is not visible in this method.
    if ($this->_authorizationService->isAllowed($requiredResources, $identity)) {
        return;
    }

    throw new AuthorizationException(
        AuthorizationException::NOT_AUTHORIZED,
        ['resources' => implode(', ', $route->getAclResources())]
    );
}
/**
 * Happy path of the request-token action: each collaborator is consulted exactly once and a
 * body is written to the response.
 */
public function testRequestAction()
{
    $this->request
        ->expects($this->any())
        ->method('getMethod')
        ->willReturn('GET');

    // The helper must be asked once for the request URL and once for the OAuth parameters.
    foreach (['getRequestUrl', 'prepareRequest'] as $helperMethod) {
        $this->helperMock
            ->expects($this->once())
            ->method($helperMethod);
    }

    $this->frameworkOauthSvcMock
        ->expects($this->once())
        ->method('getRequestToken')
        ->willReturn(['response']);

    $this->response
        ->expects($this->once())
        ->method('setBody');

    $this->requestAction->execute();
}
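/**
 * A request the authorization service rejects must end up as an exception on the response.
 *
 * The access-token validation is stubbed to succeed (consumer 'fred') and the route requires
 * ACL resources '5' and '6', so the only failing step is the isAllowed() check. The recorded
 * exception has to carry the not-authorized message naming both resources.
 */
public function testAuthorizationFailed()
{
    $this->_authorizationMock->expects($this->once())->method('isAllowed')->will($this->returnValue(false));
    $this->_oauthServiceMock->expects($this->any())
        ->method('validateAccessTokenRequest')
        ->will($this->returnValue('fred'));
    $this->_routeMock->expects($this->any())->method('getAclResources')->will($this->returnValue(['5', '6']));

    $this->_restController->dispatch($this->_requestMock);

    /** Ensure that response contains proper error message. */
    // The stray no-op statement `AuthorizationException::NOT_AUTHORIZED;` that followed this
    // assignment was removed: it evaluated a constant and discarded the result.
    $expectedMsg = 'Consumer is not authorized to access 5, 6';
    $this->assertTrue($this->_responseMock->isException());
    $exceptionArray = $this->_responseMock->getException();
    $this->assertEquals($expectedMsg, $exceptionArray[0]->getMessage());
}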
/**
 * Happy path of the access-token action: the token is requested once, the consumer is loaded
 * by key, the matching integration is saved once and a body is written to the response.
 */
public function testAccessAction()
{
    $this->request
        ->expects($this->any())
        ->method('getMethod')
        ->willReturn('GET');

    // The helper must be asked once for the request URL and once for the OAuth parameters.
    foreach (['getRequestUrl', 'prepareRequest'] as $helperMethod) {
        $this->helperMock
            ->expects($this->once())
            ->method($helperMethod);
    }

    $this->frameworkOauthSvcMock
        ->expects($this->once())
        ->method('getAccessToken')
        ->willReturn(['response']);

    /** @var \Magento\Integration\Model\Oauth\Consumer|\PHPUnit_Framework_MockObject_MockObject $consumerMock */
    $consumerMock = $this->getMock('Magento\\Integration\\Model\\Oauth\\Consumer', [], [], '', false);
    $consumerMock
        ->expects($this->once())
        ->method('getId');
    $this->intOauthServiceMock
        ->expects($this->once())
        ->method('loadConsumerByKey')
        ->willReturn($consumerMock);

    // Only save() carries an explicit expectation on the integration mock.
    /** @var \Magento\Integration\Model\Integration|\PHPUnit_Framework_MockObject_MockObject $integrationMock */
    $integrationMock = $this->getMock('Magento\\Integration\\Model\\Integration', [], [], '', false);
    $integrationMock
        ->expects($this->once())
        ->method('save')
        ->willReturnSelf();
    $this->integrationServiceMock
        ->expects($this->once())
        ->method('findByConsumerId')
        ->willReturn($integrationMock);

    $this->response
        ->expects($this->once())
        ->method('setBody');

    $this->accessAction->executeInternal();
}
/**
 * Dispatch a SOAP request.
 *
 * A WSDL request is answered with the generated WSDL document. Any other request has its access
 * token validated before the SOAP server handles it. Exceptions raised inside the guarded
 * section are turned into an error response and are not rethrown.
 *
 * @param \Magento\Framework\App\RequestInterface $request
 * @return \Magento\Framework\App\ResponseInterface
 */
public function dispatch(\Magento\Framework\App\RequestInterface $request)
{
    // The processed path is stored on the controller's own request object, not on $request.
    $normalizedPath = $this->_pathProcessor->process($request->getPathInfo());
    $this->_request->setPathInfo($normalizedPath);

    $area = $this->areaList->getArea($this->_appState->getAreaCode());
    $area->load(\Magento\Framework\App\Area::PART_TRANSLATE);

    try {
        if (!$this->_appState->isInstalled()) {
            throw new WebapiException(__('Magento is not yet installed'));
        }

        if (!$this->_isWsdlRequest()) {
            // handle() is reached only after validateAccessToken() returned.
            // NOTE(review): presumably it throws on an invalid or missing token; confirm in the service.
            $consumerId = $this->_oauthService->validateAccessToken($this->_getAccessToken());
            $this->_request->setConsumerId($consumerId);
            $this->_soapServer->handle();
        } else {
            // The WSDL branch performs no access-token validation.
            $wsdlDocument = $this->_wsdlGenerator->generate(
                $this->_request->getRequestedServices(),
                $this->_soapServer->generateUri()
            );
            $this->_setResponseContentType(self::CONTENT_TYPE_WSDL_REQUEST);
            $this->_setResponseBody($wsdlDocument);
        }
    } catch (\Exception $failure) {
        $this->_prepareErrorResponse($failure);
    }

    return $this->_response;
}