Merge pull request #57 from Weebly/master

Add support for OAuth Bearer tokens

Author: robin-shippo

lib/Shippo/ApiRequestor.php

@@ -106,31 +106,30 @@ public function handleApiError($rbody, $rcode, $resp)
                 throw new Shippo_ApiError($msg, $rcode, $rbody, $resp);
         }
     }
-    
-    private function _requestRaw($method, $url, $params)
+
+    public function getRequestHeaders()
     {
-        $myApiKey = $this->_apiKey;
-        if (!$myApiKey)
-            $myApiKey = Shippo::$apiKey;
-        
-        if (!$myApiKey) {
-            $msg = 'No credentials provided.';
-            throw new Shippo_AuthenticationError($msg);
-        }
-        
-        $absUrl = $this->apiUrl($url);
-        $params = self::_encodeObjects($params);
-        $langVersion = phpversion();
-        $uname = php_uname();
+        $apiKey = $this->_getApiKey();
+
         $headers = array(
             'Content-Type: application/json',
-            'Authorization: ShippoToken ' . $myApiKey,
+            'Authorization: ' . $this->_getAuthorizationType($apiKey) . ' ' . $apiKey,
             'Accept: application/json',
             'User-Agent: Shippo/v1 PHPBindings/' . Shippo::VERSION
         );
         if (Shippo::getApiVersion()){
             $headers[] = 'Shippo-API-Version: ' . Shippo::getApiVersion();
         }
+
+        return $headers;
+    }
+    
+    private function _requestRaw($method, $url, $params)
+    {
+        $absUrl = $this->apiUrl($url);
+        $params = self::_encodeObjects($params);
+        $myApiKey = $this->_getApiKey();
+        $headers = $this->getRequestHeaders();
 
         list($rbody, $rcode) = $this->httpClient()->request($method, $absUrl, $headers, $params);
         return array(
@@ -155,7 +154,24 @@ private function _interpretResponse($rbody, $rcode)
         }
         return $resp;
     }
-    
+
+    private function _getApiKey()
+    {
+        $apiKey = $this->_apiKey;
+        if (!$apiKey)
+            $apiKey = Shippo::$apiKey;
+
+        if (!$apiKey) {
+            throw new Shippo_AuthenticationError('No credentials provided.');
+        }
+
+        return $apiKey;
+    }
+
+    private function _getAuthorizationType($apiKey = '')
+    {
+        return strpos($apiKey, 'oauth.') === 0 ? 'Bearer' : 'ShippoToken';
+    }
 
     public static function setHttpClient($client)
     {

test/ApiRequestorTest.php

@@ -37,5 +37,47 @@ public function testEncodeObjects()
             ));
         }
     }
-    
+
+    /**
+     * @dataProvider provideValidAPITokens
+     *
+     * @param $expectedAuthorizationType
+     * @param $apiToken
+     */
+    public function testGetAuthorizationType($expectedAuthorizationType, $apiToken)
+    {
+        $apiRequestor = new Shippo_ApiRequestor($apiToken);
+        $headers = $apiRequestor->getRequestHeaders();
+        $authorizationHeader = current(array_filter($headers, function ($header) {
+            return strpos($header, 'Authorization:') === 0;
+        }));
+
+        $this->assertEquals(strpos($authorizationHeader, 'Authorization: ' . $expectedAuthorizationType), 0);
+    }
+
+    public function provideValidAPITokens()
+    {
+        return [
+            'oauth bearer token' => [
+                'Bearer',
+                'oauth.612BUDkTaTuJP3ll5-VkebURXUIJ5Zefxwda1tpd.U_akmGaXVQl80CWPXSbueSG7NX7sNe_HvLJLN1d1pn0='
+            ],
+            'random oauth formatted token' => [
+                'Bearer',
+                'oauth.foo'
+            ],
+            'shippo token' => [
+                'ShippoToken',
+                'dW5pdHRlc3Q6dW5pdHRlc3Q='
+            ],
+            'random token' => [
+                'ShippoToken',
+                'askdljfgaklsdfjalskdfjalksjd'
+            ],
+            'random token with oauth in the string' => [
+                'ShippoToken',
+                'askdljfgaklsdfjalskdfjalksjd.oauth'
+            ],
+        ];
+    }
 }

test/ShippoBaseTest.php

@@ -7,4 +7,10 @@ public function testSetApiKey()
         Shippo::setApiKey('dW5pdHRlc3Q6dW5pdHRlc3Q=');
         $this->assertEquals(Shippo::getApiKey(), 'dW5pdHRlc3Q6dW5pdHRlc3Q=');
     }
-}
+
+    public function testSetOAuthTokenApiKey()
+    {
+        Shippo::setApiKey('oauth.612BUDkTaTuJP3ll5-VkebURXUIJ5Zefxwda1tpd.U_akmGaXVQl80CWPXSbueSG7NX7sNe_HvLJLN1d1pn0=');
+        $this->assertEquals(Shippo::getApiKey(), 'oauth.612BUDkTaTuJP3ll5-VkebURXUIJ5Zefxwda1tpd.U_akmGaXVQl80CWPXSbueSG7NX7sNe_HvLJLN1d1pn0=');
+    }
+}