Magento – Magento 2: Successful oAuth/Integration Flow

apimagento2oauthrest

Does anyone have or know of working PHP code to complete an oAuth API integration request flow? I've gotten past the activation step, and my application has the following information

    [oauth_consumer_key] => x...0
    [oauth_consumer_secret] => j...l
    [store_base_url] => http://magento.example.com/
    [oauth_consumer_secret] => 5...n

According to the docs, I'm supposed to use this information to make an oAuth request to

/oauth/token/request

for a temporary request token, and then use that temporary request token to fetch a longer term access token from

/oauth/token/access

and this longer term access token can be used to make API requests.

Or — so I assume. The docs are a bit cryptic on this.

For example, this section makes mention of the parameters to use for the request to /oauth/token/request, but doesn't provide what the oAuth version should be, nor how the oauth_signature parameter should be generated. It's also a little confusing when talking about the values you need to send once you have your tokens — as I'd expect to see a secret in there.

Finally, the checklogin.php code from dev docs makes use of two classes, OAuth\Common\Consumer\Credentials and OauthClient.

$credentials = new \OAuth\Common\Consumer\Credentials($consumerKey, $consumerSecret, $magentoBaseUrl);
$oAuthClient = new OauthClient($credentials);

The first seems to be part of the lusitanian/oauth composer package, which is easy enough to use. However — the OauthClient seems to be part of Magento's API testing framework, which makes it not trivial or obvious how to use it.

I know I can also use my admin username or customer session as API credentials. I'm specifically interested in API Integrations.

Best Answer

We implement the oAuth request token from openAM and created the new user in Magento2. As we manage user groups and role in our system and using oAuth token to validate it. Hopefully this will help you little

// get admin Token to create the customer Account in realm Data stores
        $ch = curl_init('http://openam/json/authenticate');
        curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_HTTPHEADER, array(
            'X-OpenAM-Username: uradmin',
            'X-OpenAM-Password: urpassword',
            'Accept-API-Version: resource=2.0, protocol=1.0'
          )
        );

        $result = curl_exec($ch);

        curl_close($ch);

        if (array_key_exists('tokenId', json_decode($result, true))) {
            $adminToke = json_decode($result, true)["tokenId"];

            //create user in OpenAM Customer Realm
            $data = array("username" => $email, "userpassword" => $password,"mail"=>$email);
            $data_string = json_encode($data);

            $ch = curl_init('http://openam/json/admingroup/users/?_action=create');
            curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
            curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
            curl_setopt($ch, CURLOPT_HTTPHEADER, array(
                'Content-Type: application/json',
                'iplanetDirectoryPro:'.$adminToke.''
              )
            );


            curl_close($ch);

            // create Magento Customer in Magento DB


            $customer=$this->_objectManager->create('Magento\Customer\Model\Customer');
            $customer->setWebsiteId($this->_objectManager->create('Supplier\Delegate\Helper\Data')->getCurrentWebsiteId());
            $customer->setStoreId($this->_objectManager->create('Manufacture\Dealers\Helper\Data')->getCurrentStoreId());
            $customer->setGroupId(5);
            $customer->setFirstname($firstName);
            $customer->setLastname($lastName);
            $customer->setEmail($email);
            $customer->setPassword($password);


            try{
                $customer->save();
            }
            catch   (\Exception $exception)
            {
                $this->messageManager->addError($exception->getMessage());
                return $this->resultRedirectFactory->create()->setPath('*/*/register');
            }
            //save SupplierDelgate Model
            $model = $this->_objectManager->create('Manufacture\Dealers\Model\Suppliers');
            $model->setDelegateId($customer->getId());
            $model->setParentSupplierId($supplierParentId);
            $model->setRole($role);
            $model->save();

            $address =$this->_objectManager->create('Magento\Customer\Model\Address');
            $address->setCustomerId($customer->getId())
              ->setFirstname($customer->getFirstname())
              ->setMiddleName($customer->getMiddlename())
              ->setLastname($customer->getLastname())
              ->setCountryId('SA')
              //->setRegionId('1') //state/province, only needed if the country is USA
              ->setPostcode($postCode)
              ->setCity($city)
              ->setTelephone($telephone)
              ->setFax($fax)
              ->setCompany($company)
              ->setStreet($street)
              ->setIsDefaultBilling('1')
              ->setIsDefaultShipping('1')
              ->setSaveInAddressBook('1');

            try{
                $address->save();
                $this->_objectManager->create('Manufacture\Dealers\Helper\Data')->setCustomerStatus("Active",$customer->getId());

                $this->messageManager->addSuccess(__('registration have been completed Successfully '));
                $this->_redirect('customer/account/login/');

            }
            catch (Exception $e) {
                Zend_Debug::dump($e->getMessage());
            }

--Yogi--

Related Solutions

Magento – OAUTH Flow in Magento2

Magento2 uses 2-legged oAuth Handshake in order to retrieve oAuth tokens by the remote integration.

Here is documentation

Magento 2 – Changing Expiration Time for oAuth Token Request in Backend

I think what you're looking for can be found under Admin > Stores > Configuration > Services > OAuth tab:

The interesting thing is that default value is not 3 minutes but actually 5 minutes (300 seconds).

The default values are set under \app\code\Magento\Integration\etc\config.xml:

<default>
    <oauth>
        <cleanup>
            <cleanup_probability>100</cleanup_probability>
            <expiration_period>120</expiration_period>
        </cleanup>
        <consumer>
            <expiration_period>300</expiration_period>
            <post_maxredirects>0</post_maxredirects>
            <post_timeout>5</post_timeout>
        </consumer>
        <authentication_lock>
            <max_failures_count>6</max_failures_count>
            <timeout>1800</timeout>
        </authentication_lock>
    </oauth>
</default>

Another interesting thing is that, on top of this default value, an extra default value is defined under \app\code\Magento\Integration\Helper\Oauth\Data.php:

const CONSUMER_EXPIRATION_PERIOD_DEFAULT = 300;

This value is used in case the expiry is set to a negative number:

public function getConsumerExpirationPeriod()
{
    $seconds = (int)$this->_scopeConfig->getValue(
        self::XML_PATH_CONSUMER_EXPIRATION_PERIOD,
        \Magento\Store\Model\ScopeInterface::SCOPE_STORE
    );
    return $seconds > 0 ? $seconds : self::CONSUMER_EXPIRATION_PERIOD_DEFAULT;
}

NB: the screenshot is from a 2.0.0 install, I reckon an Authentication lock section has been added since.

Best Answer

Related Solutions

Magento – OAUTH Flow in Magento2

Magento 2 – Changing Expiration Time for oAuth Token Request in Backend

Related Topic