|
1
|
|
|
<?php |
|
2
|
|
|
/** |
|
3
|
|
|
* CakePHPify : CakePHP Plugin for Shopify API Authentication |
|
4
|
|
|
* Copyright (c) Multidimension.al (http://multidimension.al) |
|
5
|
|
|
* Github : https://github.com/multidimension-al/cakephpify |
|
6
|
|
|
* |
|
7
|
|
|
* Licensed under The MIT License |
|
8
|
|
|
* For full copyright and license information, please see the LICENSE file |
|
9
|
|
|
* Redistributions of files must retain the above copyright notice. |
|
10
|
|
|
* |
|
11
|
|
|
* @copyright (c) Multidimension.al (http://multidimension.al) |
|
12
|
|
|
* @link https://github.com/multidimension-al/cakephpify CakePHPify Github |
|
13
|
|
|
* @license http://www.opensource.org/licenses/mit-license.php MIT License |
|
14
|
|
|
*/ |
|
15
|
|
|
|
|
16
|
|
|
namespace Multidimensional\Shopify\Controller\Component; |
|
17
|
|
|
|
|
18
|
|
|
use Cake\Core\Configure; |
|
19
|
|
|
use Cake\Controller\Component; |
|
20
|
|
|
use Cake\Routing\Router; |
|
21
|
|
|
use Cake\Network\Http\Client; |
|
22
|
|
|
|
|
23
|
|
|
class ShopifyAPIComponent extends Component { |
|
|
|
|
|
|
24
|
|
|
|
|
25
|
|
|
public $api_key; |
|
|
|
|
|
|
26
|
|
|
|
|
27
|
|
|
private $shop_domain; |
|
|
|
|
|
|
28
|
|
|
private $token; |
|
29
|
|
|
private $shared_secret; |
|
|
|
|
|
|
30
|
|
|
private $is_private_app; |
|
|
|
|
|
|
31
|
|
|
private $private_app_password; |
|
|
|
|
|
|
32
|
|
|
private $nonce; |
|
33
|
|
|
|
|
34
|
|
|
public function initialize(array $config = []) { |
|
35
|
|
|
|
|
36
|
|
|
parent::initialize($config); |
|
37
|
|
|
$this->api_key = ((isset($config['api_key'])) ? $config['api_key'] : Configure::read('Shopify.api_key')); |
|
38
|
|
|
$this->shared_secret = ((isset($config['shared_secret'])) ? $config['shared_secret'] : Configure::read('Shopify.shared_secret')); |
|
39
|
|
|
$this->scope = ((isset($config['scope'])) ? $config['scope'] : Configure::read('Shopify.scope')); |
|
|
|
|
|
|
40
|
|
|
$this->is_private_app = ((isset($config['is_private_app'])) ? $config['is_private_app'] : Configure::read('Shopify.is_private_app')); |
|
41
|
|
|
$this->private_app_password = ((isset($config['private_app_password'])) ? $config['private_app_password'] : Configure::read('Shopify.private_app_password')); |
|
42
|
|
|
|
|
43
|
|
|
} |
|
44
|
|
|
|
|
45
|
|
|
public function startup(Event $event) { |
|
46
|
|
|
$this->setController($event->subject()); |
|
|
|
|
|
|
47
|
|
|
} |
|
48
|
|
|
|
|
49
|
|
|
public function setShopDomain($shop_domain) { |
|
|
|
|
|
|
50
|
|
|
return $this->shop_domain = $shop_domain; |
|
|
|
|
|
|
51
|
|
|
} |
|
52
|
|
|
|
|
53
|
|
|
public function getShopDomain() { |
|
|
|
|
|
|
54
|
|
|
return $this->shop_domain; |
|
55
|
|
|
} |
|
56
|
|
|
|
|
57
|
|
|
public function setAccessToken($token) { |
|
|
|
|
|
|
58
|
|
|
return $this->token = $token; |
|
59
|
|
|
} |
|
60
|
|
|
|
|
61
|
|
|
public function callsMade() { |
|
62
|
|
|
return $this->shopApiCallLimitParam(0); |
|
63
|
|
|
} |
|
64
|
|
|
|
|
65
|
|
|
public function callLimit() { |
|
66
|
|
|
return $this->shopApiCallLimitParam(1); |
|
67
|
|
|
} |
|
68
|
|
|
|
|
69
|
|
|
public function callsLeft($response_headers) { |
|
|
|
|
|
|
70
|
|
|
return $this->callLimit() - $this->callsMade(); |
|
71
|
|
|
} |
|
72
|
|
|
|
|
73
|
|
|
/** |
|
74
|
|
|
* @param string $method |
|
75
|
|
|
* @param string $path |
|
76
|
|
|
*/ |
|
77
|
|
|
public function call($method, $path, $params = array()) { |
|
|
|
|
|
|
78
|
|
|
|
|
79
|
|
|
if (!$this->_isReady()) { |
|
80
|
|
|
return false; |
|
81
|
|
|
} |
|
82
|
|
|
|
|
83
|
|
|
if (!in_array($method, array('POST', 'PUT', 'GET', 'DELETE'))) { |
|
84
|
|
|
return false; |
|
85
|
|
|
} |
|
86
|
|
|
|
|
87
|
|
|
$http = new Client([ |
|
88
|
|
|
'host' => $this->shop_domain, |
|
89
|
|
|
'scheme' => 'https', |
|
90
|
|
|
'headers' => (($this->is_private_app != 'true') ? (['X-Shopify-Access-Token' => $this->token]) : []), |
|
91
|
|
|
'auth' => (($this->is_private_app != 'true') ? [] : (['username' => $this->api_key, 'password' => $this->private_app_password])) |
|
92
|
|
|
]); |
|
93
|
|
|
|
|
94
|
|
|
$this->response = $http->{strtolower($method)}( |
|
95
|
|
|
$path, |
|
96
|
|
|
((in_array($method, array('POST', 'PUT'))) ? json_encode($params) : $params), |
|
97
|
|
|
((in_array($method, array('POST', 'PUT'))) ? ['type' => 'json'] : []) |
|
98
|
|
|
); |
|
99
|
|
|
$this->response = $this->response->json; |
|
100
|
|
|
|
|
101
|
|
|
return (is_array($this->response) && (count($this->response) > 0)) ? array_shift($this->response) : $this->response; |
|
102
|
|
|
|
|
103
|
|
|
} |
|
104
|
|
|
|
|
105
|
|
|
/** |
|
106
|
|
|
* @param integer $index |
|
107
|
|
|
*/ |
|
108
|
|
|
private function shopApiCallLimitParam($index) { |
|
109
|
|
|
$params = explode("/", $this->response->getHeaderLine('http_x_shopify_shop_api_call_limit')); |
|
|
|
|
|
|
110
|
|
|
return (int) $params[$index]; |
|
111
|
|
|
} |
|
112
|
|
|
|
|
113
|
|
|
public function getAuthorizeUrl($shop_domain, $redirect_url) { |
|
|
|
|
|
|
114
|
|
|
|
|
115
|
|
|
$url = 'https://' . $shop_domain . '/admin/oauth/authorize?client_id=' . $this->api_key; |
|
|
|
|
|
|
116
|
|
|
$url .= '&scope=' . urlencode($this->scope); |
|
117
|
|
|
$url .= '&redirect_uri=' . urlencode($redirect_url); |
|
|
|
|
|
|
118
|
|
|
$url .= '&state=' . $this->getNonce($shop_domain); |
|
|
|
|
|
|
119
|
|
|
return $url; |
|
120
|
|
|
|
|
121
|
|
|
} |
|
122
|
|
|
|
|
123
|
|
|
public function getAccessToken($shop_domain, $code) { |
|
|
|
|
|
|
124
|
|
|
|
|
125
|
|
|
$this->shop_domain = $shop_domain; |
|
|
|
|
|
|
126
|
|
|
|
|
127
|
|
|
$http = new Client([ |
|
128
|
|
|
'host' => $shop_domain, |
|
|
|
|
|
|
129
|
|
|
'scheme' => 'https' |
|
130
|
|
|
]); |
|
131
|
|
|
|
|
132
|
|
|
$response = $http->post('/admin/oauth/access_token', 'client_id=' . $this->api_key . |
|
133
|
|
|
'&client_secret=' . $this->shared_secret . |
|
134
|
|
|
'&code=' . $code); |
|
135
|
|
|
$response = $response->json; ; |
|
136
|
|
|
|
|
137
|
|
|
if (isset($response['access_token'])) { |
|
138
|
|
|
$this->token = $response['access_token']; |
|
139
|
|
|
return $this->token; |
|
140
|
|
|
} else { |
|
141
|
|
|
return false; |
|
142
|
|
|
} |
|
143
|
|
|
|
|
144
|
|
|
} |
|
145
|
|
|
|
|
146
|
|
|
public function setNonce($shop_domain) { |
|
|
|
|
|
|
147
|
|
|
|
|
148
|
|
|
return $this->nonce = md5(strtolower($shop_domain)); |
|
|
|
|
|
|
149
|
|
|
|
|
150
|
|
|
} |
|
151
|
|
|
|
|
152
|
|
|
|
|
153
|
|
|
public function getNonce() { |
|
154
|
|
|
|
|
155
|
|
|
return $this->nonce; |
|
156
|
|
|
|
|
157
|
|
|
} |
|
158
|
|
|
|
|
159
|
|
|
public function validDomain($shop_domain) { |
|
|
|
|
|
|
160
|
|
|
|
|
161
|
|
|
return true; |
|
162
|
|
|
|
|
163
|
|
|
} |
|
164
|
|
|
|
|
165
|
|
|
public function getShopData() { |
|
|
|
|
|
|
166
|
|
|
|
|
167
|
|
|
return $this->call('GET', '/admin/shop.json'); |
|
168
|
|
|
|
|
169
|
|
|
} |
|
170
|
|
|
|
|
171
|
|
|
public function validateHMAC($query) { |
|
|
|
|
|
|
172
|
|
|
|
|
173
|
|
|
if (!is_array($query) || empty($query['hmac']) || !is_string($query['hmac']) || (isset($query['state']) && $query['state'] != $this->getNonce($query['shop']))) { |
|
|
|
|
|
|
174
|
|
|
return false; |
|
175
|
|
|
} |
|
176
|
|
|
|
|
177
|
|
|
$dataString = array(); |
|
178
|
|
|
|
|
179
|
|
|
foreach ($query as $key => $value) { |
|
180
|
|
|
$key = $this->_urlEncode(str_replace('=', '%3D', $key)); |
|
181
|
|
|
$value = $this->_urlEncode($value); |
|
182
|
|
|
if ($key != 'hmac') { |
|
183
|
|
|
$dataString[] = $key . '=' . $value; |
|
184
|
|
|
} |
|
185
|
|
|
} |
|
186
|
|
|
|
|
187
|
|
|
sort($dataString); |
|
188
|
|
|
$string = implode("&", $dataString); |
|
189
|
|
|
return $query['hmac'] == hash_hmac('sha256', $string, $this->shared_secret); |
|
190
|
|
|
|
|
191
|
|
|
} |
|
192
|
|
|
|
|
193
|
|
|
/** |
|
194
|
|
|
* @param string $url |
|
195
|
|
|
*/ |
|
196
|
|
|
private function _urlEncode($url) { |
|
197
|
|
|
|
|
198
|
|
|
$url = str_replace('&', '%26', $url); |
|
199
|
|
|
$url = str_replace('%', '%25', $url); |
|
200
|
|
|
return $url; |
|
201
|
|
|
|
|
202
|
|
|
} |
|
203
|
|
|
|
|
204
|
|
|
private function _isReady() { |
|
|
|
|
|
|
205
|
|
|
return strlen($this->shop_domain) > 0 && strlen($this->token) > 0; |
|
206
|
|
|
} |
|
207
|
|
|
|
|
208
|
|
|
} |
|
209
|
|
|
|
|
210
|
|
|
?> |
|
|
|
|
|
|
211
|
|
|
|
multidimension-al /
cakephpify
Loading history...
This check marks property names that have not been written in camelCase.
In camelCase names are written without any punctuation, the start of each new word being marked by a capital letter. Thus the name database connection string becomes
databaseConnectionString.