OAuthGateway.php
3.79 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
<?php
namespace Braintree;
/**
* Braintree OAuthGateway module
* PHP Version 5
* Creates and manages Braintree Addresses
*
* @package Braintree
*/
class OAuthGateway
{
private $_gateway;
private $_config;
private $_http;
public function __construct($gateway)
{
$this->_gateway = $gateway;
$this->_config = $gateway->config;
$this->_http = new Http($gateway->config);
$this->_http->useClientCredentials();
$this->_config->assertHasClientCredentials();
}
public function createTokenFromCode($params)
{
$params['grantType'] = "authorization_code";
return $this->_createToken($params);
}
public function createTokenFromRefreshToken($params)
{
$params['grantType'] = "refresh_token";
return $this->_createToken($params);
}
public function revokeAccessToken($accessToken)
{
$params = ['token' => $accessToken];
$response = $this->_http->post('/oauth/revoke_access_token', $params);
return $this->_verifyGatewayResponse($response);
}
private function _createToken($params)
{
$params = ['credentials' => $params];
$response = $this->_http->post('/oauth/access_tokens', $params);
return $this->_verifyGatewayResponse($response);
}
private function _verifyGatewayResponse($response)
{
if (isset($response['credentials'])) {
$result = new Result\Successful(
OAuthCredentials::factory($response['credentials'])
);
return $this->_mapSuccess($result);
} else if (isset($response['result'])) {
$result = new Result\Successful(
OAuthResult::factory($response['result'])
);
return $this->_mapAccessTokenRevokeSuccess($result);
} else if (isset($response['apiErrorResponse'])) {
$result = new Result\Error($response['apiErrorResponse']);
return $this->_mapError($result);
} else {
throw new Exception\Unexpected(
"Expected credentials or apiErrorResponse"
);
}
}
public function _mapError($result)
{
$error = $result->errors->deepAll()[0];
if ($error->code == Error\Codes::OAUTH_INVALID_GRANT) {
$result->error = 'invalid_grant';
} else if ($error->code == Error\Codes::OAUTH_INVALID_CREDENTIALS) {
$result->error = 'invalid_credentials';
} else if ($error->code == Error\Codes::OAUTH_INVALID_SCOPE) {
$result->error = 'invalid_scope';
}
$result->errorDescription = explode(': ', $error->message)[1];
return $result;
}
public function _mapAccessTokenRevokeSuccess($result)
{
$result->revocationResult = $result->success;
return $result;
}
public function _mapSuccess($result)
{
$credentials = $result->credentials;
$result->accessToken = $credentials->accessToken;
$result->refreshToken = $credentials->refreshToken;
$result->tokenType = $credentials->tokenType;
$result->expiresAt = $credentials->expiresAt;
return $result;
}
public function connectUrl($params = [])
{
$query = Util::camelCaseToDelimiterArray($params, '_');
$query['client_id'] = $this->_config->getClientId();
$queryString = preg_replace('/\%5B\d+\%5D/', '%5B%5D', http_build_query($query));
return $this->_config->baseUrl() . '/oauth/connect?' . $queryString;
}
/**
* @deprecated since version 3.26.1
*/
public function computeSignature($url)
{
$key = hash('sha256', $this->_config->getClientSecret(), true);
return hash_hmac('sha256', $url, $key);
}
}
class_alias('Braintree\OAuthGateway', 'Braintree_OAuthGateway');