Traits
2 years ago
MerchantDetails.php
2 years ago
PayPalAuth.php
1 year ago
PayPalOrder.php
1 year ago
Settings.php
2 years ago
Webhooks.php
1 year ago
PayPalAuth.php
305 lines
| 1 | <?php |
| 2 | |
| 3 | namespace Give\PaymentGateways\PayPalCommerce\Repositories; |
| 4 | |
| 5 | use Give\Framework\Http\ConnectServer\Client\ConnectClient; |
| 6 | use Give\Helpers\ArrayDataSet; |
| 7 | use Give\Log\Log; |
| 8 | use Give\PaymentGateways\PayPalCommerce\PayPalCheckoutSdk\Requests\GetAccessToken; |
| 9 | use Give\PaymentGateways\PayPalCommerce\PayPalClient; |
| 10 | use RuntimeException; |
| 11 | use UnexpectedValueException; |
| 12 | |
| 13 | class PayPalAuth |
| 14 | { |
| 15 | /** |
| 16 | * @since 2.9.0 |
| 17 | * |
| 18 | * @var PayPalClient |
| 19 | */ |
| 20 | private $payPalClient; |
| 21 | |
| 22 | /** |
| 23 | * @since 2.9.0 |
| 24 | * |
| 25 | * @var ConnectClient |
| 26 | */ |
| 27 | private $connectClient; |
| 28 | |
| 29 | /** |
| 30 | * PayPalAuth constructor. |
| 31 | * |
| 32 | * @since 2.9.0 |
| 33 | * |
| 34 | * @param PayPalClient $payPalClient |
| 35 | * @param ConnectClient $connectClient |
| 36 | */ |
| 37 | public function __construct(PayPalClient $payPalClient, ConnectClient $connectClient) |
| 38 | { |
| 39 | $this->payPalClient = $payPalClient; |
| 40 | $this->connectClient = $connectClient; |
| 41 | } |
| 42 | |
| 43 | /** |
| 44 | * Retrieves a token for the Client ID and Secret |
| 45 | * |
| 46 | * @since 2.32.0 Use PayPal client for rest api calls. |
| 47 | * @since 2.25.0 Validate paypal response. |
| 48 | * @since 2.9.0 |
| 49 | * |
| 50 | * @param string $client_id |
| 51 | * @param string $client_secret |
| 52 | * |
| 53 | * @throws RuntimeException|\Exception |
| 54 | */ |
| 55 | public function getTokenFromClientCredentials($client_id, $client_secret): array |
| 56 | { |
| 57 | $auth = base64_encode("$client_id:$client_secret"); |
| 58 | |
| 59 | $response = $this->payPalClient->getHttpClient() |
| 60 | ->execute(new GetAccessToken( |
| 61 | ['grant_type' => 'client_credentials'], |
| 62 | ['Authorization' => "Basic $auth"] |
| 63 | )); |
| 64 | |
| 65 | if (200 !== $response->statusCode) { |
| 66 | give(Log::class)->http( |
| 67 | 'PayPal Commerce: Error retrieving access token with client credentials', |
| 68 | [ |
| 69 | 'category' => 'Payment Gateway', |
| 70 | 'source' => 'Paypal Commerce', |
| 71 | 'response' => $response, |
| 72 | ] |
| 73 | ); |
| 74 | |
| 75 | throw new RuntimeException('PayPal Commerce: Error retrieving access token with client credentials'); |
| 76 | } |
| 77 | |
| 78 | $result = (array)$response->result; |
| 79 | |
| 80 | $this->validateAccessToken($result); |
| 81 | |
| 82 | return ArrayDataSet::camelCaseKeys($result); |
| 83 | } |
| 84 | |
| 85 | /** |
| 86 | * Retrieves a token from the authorization code |
| 87 | * |
| 88 | * @since 2.32.0 Use PayPal client for rest api calls. |
| 89 | * @since 2.9.0 |
| 90 | * |
| 91 | * @param string $authCode |
| 92 | * @param string $sharedId |
| 93 | * @param string $nonce |
| 94 | * |
| 95 | * @return array|null |
| 96 | * @throws RuntimeException|\Exception |
| 97 | */ |
| 98 | public function getTokenFromAuthorizationCode($authCode, $sharedId, $nonce) |
| 99 | { |
| 100 | $auth = base64_encode($sharedId); |
| 101 | |
| 102 | $response = $this->payPalClient->getHttpClient() |
| 103 | ->execute(new GetAccessToken( |
| 104 | [ |
| 105 | 'grant_type' => 'authorization_code', |
| 106 | 'code' => $authCode, |
| 107 | 'code_verifier' => $nonce, // Seller nonce. |
| 108 | ], |
| 109 | ['Authorization' => "Basic $auth"] |
| 110 | )); |
| 111 | |
| 112 | if (200 !== $response->statusCode) { |
| 113 | give(Log::class)->http( |
| 114 | 'PayPal Commerce: Error retrieving access token with authorization code', |
| 115 | [ |
| 116 | 'category' => 'Payment Gateway', |
| 117 | 'source' => 'Paypal Commerce', |
| 118 | 'response' => $response, |
| 119 | ] |
| 120 | ); |
| 121 | |
| 122 | throw new RuntimeException('PayPal Commerce: Error retrieving access token with authorization code'); |
| 123 | } |
| 124 | |
| 125 | $result = (array)$response->result; |
| 126 | |
| 127 | $this->validateSellerAccessToken($result); |
| 128 | |
| 129 | return ArrayDataSet::camelCaseKeys($result); |
| 130 | } |
| 131 | |
| 132 | /** |
| 133 | * Retrieves a Partner Link for on-boarding |
| 134 | * |
| 135 | * @since 4.1.0 Add PayPal-Partner-Attribution-Id header |
| 136 | * @since 3.0.0 Implement $accountType. This parameter is required by GiveWP gateway server. |
| 137 | * @since 2.9.0 |
| 138 | * |
| 139 | * @return array|null |
| 140 | */ |
| 141 | public function getSellerPartnerLink($returnUrl, $accountType) |
| 142 | { |
| 143 | $response = wp_remote_retrieve_body( |
| 144 | wp_remote_post( |
| 145 | sprintf( |
| 146 | $this->connectClient->getApiUrl('paypal?mode=%1$s&request=partner-link'), |
| 147 | $this->payPalClient->getMode() |
| 148 | ), |
| 149 | [ |
| 150 | 'headers' => [ |
| 151 | 'PayPal-Partner-Attribution-Id' => give('PAYPAL_COMMERCE_ATTRIBUTION_ID'), |
| 152 | ], |
| 153 | 'body' => [ |
| 154 | 'return_url' => $returnUrl, |
| 155 | 'account_type' => $accountType, |
| 156 | ], |
| 157 | ] |
| 158 | ) |
| 159 | ); |
| 160 | |
| 161 | return empty($response) ? null : json_decode($response, true); |
| 162 | } |
| 163 | |
| 164 | /** |
| 165 | * Get seller on-boarding details from seller. |
| 166 | * |
| 167 | * @since 4.1.0 Add PayPal-Partner-Attribution-Id header |
| 168 | * @since 2.9.0 |
| 169 | * |
| 170 | * @param string $accessToken |
| 171 | * |
| 172 | * @param string $merchantId |
| 173 | * |
| 174 | * @return array |
| 175 | */ |
| 176 | public function getSellerOnBoardingDetailsFromPayPal($merchantId, $accessToken) |
| 177 | { |
| 178 | $request = wp_remote_post( |
| 179 | $this->connectClient->getApiUrl( |
| 180 | sprintf( |
| 181 | 'paypal?mode=%1$s&request=seller-status', |
| 182 | $this->payPalClient->getMode() |
| 183 | ) |
| 184 | ), |
| 185 | [ |
| 186 | 'headers' => [ |
| 187 | 'PayPal-Partner-Attribution-Id' => give('PAYPAL_COMMERCE_ATTRIBUTION_ID'), |
| 188 | ], |
| 189 | 'body' => [ |
| 190 | 'merchant_id' => $merchantId, |
| 191 | 'token' => $accessToken, |
| 192 | ], |
| 193 | ] |
| 194 | ); |
| 195 | |
| 196 | return json_decode(wp_remote_retrieve_body($request), true); |
| 197 | } |
| 198 | |
| 199 | /** |
| 200 | * Get seller rest API credentials |
| 201 | * |
| 202 | * @since 4.1.0 Add PayPal-Partner-Attribution-Id header |
| 203 | * @since 2.9.0 |
| 204 | * |
| 205 | * @param string $accessToken |
| 206 | * |
| 207 | * @return array |
| 208 | */ |
| 209 | public function getSellerRestAPICredentials($accessToken) |
| 210 | { |
| 211 | $request = wp_remote_post( |
| 212 | $this->connectClient->getApiUrl( |
| 213 | sprintf( |
| 214 | 'paypal?mode=%1$s&request=seller-credentials', |
| 215 | $this->payPalClient->getMode() |
| 216 | ) |
| 217 | ), |
| 218 | [ |
| 219 | 'headers' => [ |
| 220 | 'PayPal-Partner-Attribution-Id' => give('PAYPAL_COMMERCE_ATTRIBUTION_ID'), |
| 221 | ], |
| 222 | 'body' => [ |
| 223 | 'token' => $accessToken, |
| 224 | ], |
| 225 | ] |
| 226 | ); |
| 227 | |
| 228 | return json_decode(wp_remote_retrieve_body($request), true); |
| 229 | } |
| 230 | |
| 231 | /** |
| 232 | * Validate PayPal access token. |
| 233 | * |
| 234 | * Sample PayPal access token: https://developer.paypal.com/api/rest/authentication/#link-sampleresponse |
| 235 | * |
| 236 | * @since 3.5.1 removed app_id from required keys as PayPal no longer supplies it |
| 237 | * @since 2.25.0 |
| 238 | * |
| 239 | * @param array $accessToken Access token response from PayPal. |
| 240 | * |
| 241 | * @return void |
| 242 | * @throws UnexpectedValueException |
| 243 | */ |
| 244 | private function validateAccessToken(array $accessToken) |
| 245 | { |
| 246 | $requiredKeys = [ |
| 247 | 'scope', |
| 248 | 'access_token', |
| 249 | 'token_type', |
| 250 | 'expires_in', |
| 251 | 'nonce' |
| 252 | ]; |
| 253 | |
| 254 | if (array_diff($requiredKeys, array_keys($accessToken))) { |
| 255 | give(Log::class)->error( |
| 256 | 'PayPal Commerce: Invalid access token', |
| 257 | [ |
| 258 | 'category' => 'Payment Gateway', |
| 259 | 'source' => 'Paypal Commerce', |
| 260 | 'response' => $accessToken, |
| 261 | ] |
| 262 | ); |
| 263 | |
| 264 | throw new UnexpectedValueException('PayPal Commerce: Error retrieving access token'); |
| 265 | } |
| 266 | } |
| 267 | |
| 268 | /** |
| 269 | * Validate PayPal seller access token. |
| 270 | * |
| 271 | * Sample PayPal access token: https://developer.paypal.com/docs/multiparty/seller-onboarding/build-onboarding/#link-sampleresponse |
| 272 | * |
| 273 | * @since 2.32.0 |
| 274 | * |
| 275 | * @param array $sellerAccessToken Seller access token response from PayPal. |
| 276 | * |
| 277 | * @return void |
| 278 | * @throws UnexpectedValueException |
| 279 | */ |
| 280 | private function validateSellerAccessToken(array $sellerAccessToken) |
| 281 | { |
| 282 | $requiredKeys = [ |
| 283 | 'scope', |
| 284 | 'access_token', |
| 285 | 'token_type', |
| 286 | 'refresh_token', |
| 287 | 'expires_in', |
| 288 | 'nonce' |
| 289 | ]; |
| 290 | |
| 291 | if (array_diff($requiredKeys, array_keys($sellerAccessToken))) { |
| 292 | give(Log::class)->error( |
| 293 | 'PayPal Commerce: Invalid seller access token', |
| 294 | [ |
| 295 | 'category' => 'Payment Gateway', |
| 296 | 'source' => 'Paypal Commerce', |
| 297 | 'response' => $sellerAccessToken, |
| 298 | ] |
| 299 | ); |
| 300 | |
| 301 | throw new UnexpectedValueException('PayPal Commerce: Error retrieving seller access token'); |
| 302 | } |
| 303 | } |
| 304 | } |
| 305 |