From 2e8a8d6df1f1237bc3f4fc264df877c6109c78bb Mon Sep 17 00:00:00 2001
From: JohnMcCombs <john@tusksoft.com>
Date: Wed, 13 Apr 2022 04:16:46 +0700
Subject: [PATCH] Add SSO feature

---
 example/Data.php              | 83 +++++++++++++++++++++++++++++++++++
 example/cart.php              | 24 +++++++++-
 example/sso/getaccount.php    | 36 +++++++++++++++
 example/sso/logout.php        | 24 ++++++++++
 example/sso/oauthredirect.php | 34 ++++++++++++++
 5 files changed, 199 insertions(+), 2 deletions(-)
 create mode 100644 example/sso/getaccount.php
 create mode 100644 example/sso/logout.php
 create mode 100644 example/sso/oauthredirect.php

diff --git a/example/Data.php b/example/Data.php
index dff6117..bacf57e 100644
--- a/example/Data.php
+++ b/example/Data.php
@@ -75,6 +75,89 @@ public function generateCart()
         return $cart;
     }
 
+    /**
+     * @return array
+     */
+    public function getOAuthConfiguration() {
+        $publishableKey = \BoltPay\Bolt::$apiPublishableKey;
+        $publishableKeySplit = explode('.', $publishableKey);
+        $clientID = end($publishableKeySplit);
+        $clientSecret = \BoltPay\Bolt::$signingSecret;
+
+        $boltPublicKey = $this->getPublicKey();
+
+        return [$clientID, $clientSecret, $boltPublicKey];
+    }
+
+    /**
+     * @param $code
+     * @param $scope
+     * @param $clientId
+     * @param $clientSecret
+     * @return \BoltPay\Http\Response|string
+     */
+    public function exchangeToken($code, $scope, $clientId, $clientSecret)
+    {
+        try {
+            $ch = curl_init();
+            $contentLength = 0;
+
+            $headers = array(
+                'Content-Type: application/x-www-form-urlencoded',
+                'Content-Length: ' . $contentLength,
+                'X-Api-Key: ' . \BoltPay\Bolt::$apiKey,
+                'X-Nonce: ' . rand(100000000, 999999999),
+                'User-Agent: BoltPay/PHP-Client-0.1'
+            );
+            $baseURL = \BoltPay\Bolt::$isSandboxMode ? \BoltPay\Bolt::$apiSandboxUrl . '/v1/' : \BoltPay\Bolt::$apiProductionUrl . '/v1/';
+            curl_setopt($ch, CURLOPT_URL, $baseURL);
+            curl_setopt($ch, CURLOPT_POST, true);
+            curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
+            curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+            curl_setopt($ch, CURLOPT_HEADER, true);
+
+            curl_setopt($ch, CURLOPT_POSTFIELDS, "grant_type=authorization_code&code={$code}&scope={$scope}&client_id={$clientId}&client_secret={$clientSecret}");
+
+            $rawResponse = curl_exec($ch);
+
+            if ($rawResponse === false) { // Timeout
+                curl_close($ch);
+                return new Response(0, "{}", 0);
+            }
+
+            $statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
+            $headerSize = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
+            curl_close($ch);
+
+            $chHeaders = substr($rawResponse, 0, $headerSize);
+            $body = json_decode(substr($rawResponse, $headerSize));
+
+            $boltTraceId = '';
+            foreach(explode("\r\n", $chHeaders) as $row) {
+                if(preg_match('/(.*?): (.*)/', $row, $matches)) {
+                    if(count($matches) == 3 && $matches[1] == 'X-Bolt-Trace-Id') {
+                        $boltTraceId = $matches[2];
+                        break;
+                    }
+                }
+            }
+            $response = new \BoltPay\Http\Response($statusCode, $body ?: [], $boltTraceId);
+
+            return empty($response) ? 'empty response' : $response;
+        } catch (\Exception $exception) {
+            return $exception->getMessage();
+        }
+    }
+
+    /**
+     * @return string
+     */
+    public function getPublicKey()
+    {
+        return \BoltPay\Bolt::$isSandboxMode ?
+            'MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAumrI98nQ0thJELhOa0AI4fQkEEuh9gHOFEQUjVZzSZO/O5x42mugJyMq3hDGwJBOH2FUgT5WnGt9tHJ9NbTwfZtljOyRkmoTUGFkQIcRZy/b0fD9/IfFXuAXJebflCIVFO/UnFRN4Z9RQqx+vffAE+qNnQV/V/455Qw0+/HW5n06Df0UVYXiZ1+2RXfGIinPcUgMS59r12kJDahELTWWcwa1gJE1UnSUiwTO7dDp1IjgGml6cpbynYcROyuz4wNumIj7w6tH+krmPguTYXPmKVSmZtqFCh1reXonSZBQ9XvuWhQbY3skf7X2AELHB6nkUNaUlVlSbG/DiHjxSAvSr3HSKLHiaYuB3VA/FWgfSWvg9kZVE9d1Qg+JhYL8kIxcWIgH37onIR5gh7lep0u73WlgFy97tjy9uiTmcjrzBBXtxl5PsLGaTJGPkZnAON4BH0Njuq23G/ZHXcJvX8uFs4VlfItq838SjJqzCrWS5eK4mKX669dYEXenjv8mqqkKSD3PNZl4ixwfMkhmVAeYA0qPnq5rt7XA5mVlr5BNkpal29fL/s6CcdfAylzvzS3C1a6z3ZpZSl2yGAfDgceC4+h+iLJmyeZM3Jz1jttE9BTUxwlhQvO/xIDkJXGgU9y8TMy/rNcPS/qOW1k4DDcTM/eCqsISa58WWiCO0WQUW6ECAwEAAQ=='
+            : 'MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsfwvIFA3rstwsFizP9Yyjq8okQZFFZoxjORzdapQdf8UDQ/1hVTi26epvRKcKg0Zwxq6s/m1TWXsWJjIpAPWFVABcUufHnxgwXWyHsCedEmaJzomgoehMB/Ul4hNVfj0Dt7eNjsa2EboJ41B5Ir7MZ4LR1PRs2vlGQN73cEUQSrd0vtYPV69DXABk/o4fW+qU9iyWoCfJdhMWon32edMGnz6qxg0mFlOP0NTkkZPS3MbIoIxuhYT5/E35WoL60eSVjdPxYc4qeEK1+mOSKtjDku3mEsz5R3G20xUhK8lxSRqIIPbRyg9Y8Cg5LkXTsBDSGZX445bXsfeR9RigVblqLPFNQVcXyBV2CQe/bBwaLGxrNSXWUCWP+ITu+QVWAJ+HXMfyWDuPI0gVrlyC6BIEq6i4nC4UGZjs0MkU3mHTI2oojg6m0uDJvuwtxUq4mPdMhxXfnr8NJWvG2vzVQ+wds//9663VHbnCXi87PqtSaFbLFVUYNoJdDINQRtpnZNFxebH524k6dM9dZnA6rTdUwSoXbzE5HL64sUY6HCnNkqRS0HiwQBuz6WxDh7wuocxcXuAIwpYD3IYf1HKF1vyGtdHbLn7GhhDuelEzN3JgPdntrNp6tuLGJb47tO1KVz+/ps4e97colDjQAP7R8halVYUIGQ3rjwhZJXQP1suU0kCAwEAAQ==';
+    }
     public function generateCartPaymentOnly()
     {
         $cart = $this->generateCart();
diff --git a/example/cart.php b/example/cart.php
index 60512fb..cdb5773 100644
--- a/example/cart.php
+++ b/example/cart.php
@@ -13,7 +13,7 @@
  * @copyright  Copyright (c) 2018 Bolt Financial, Inc (https://www.bolt.com)
  * @license    https://opensource.org/licenses/MIT  MIT License (MIT)
  */
-
+session_start();
 /** Render valid HTML with bolt checkout button */
 require(dirname(__FILE__) . '/init_example.php');
 
@@ -165,11 +165,31 @@
             padding: 12px 10px;
         }
 
+        .bolt-account-sso {
+            float: left;
+        }
+
+        .bolt-account-login {
+            float:right;
+        }
 
+        .header {
+            padding-top: 10px;
+            padding-bottom: 5px;
+        }
     </style>
 </head>
 <body>
-<div class="bolt-account-login"></div>
+<div class="header">
+    <?php if (@$_SESSION['logged_in']): ?>
+        <div class="bolt-sso-custom" data-logged-in="true" style="float: left">
+           <a href="<?php echo $exampleData->getBaseUrl().'/example/sso/logout.php'; ?>">Logout</a>
+        </div>
+    <?php else: ?>
+        <div class="bolt-account-sso" data-logged-in="false" style="float: left"></div>
+    <?php endif; ?>
+    <div class="bolt-account-login" style="float:right;"></div>
+</div>
 <div class="cart-title">
     <h1>SHOPPING CART</h1>
 </div>
diff --git a/example/sso/getaccount.php b/example/sso/getaccount.php
new file mode 100644
index 0000000..22dc814
--- /dev/null
+++ b/example/sso/getaccount.php
@@ -0,0 +1,36 @@
+<?php
+/**
+ * Bolt PHP library
+ *
+ * NOTICE OF LICENSE
+ *
+ * This source file is subject to the MIT License (MIT)
+ * that is bundled with this package in the file LICENSE.
+ * It is also available through the world-wide-web at this URL:
+ * https://opensource.org/licenses/MIT
+ *
+ * @category   Bolt
+ * @copyright  Copyright (c) 2018 Bolt Financial, Inc (https://www.bolt.com)
+ * @license    https://opensource.org/licenses/MIT  MIT License (MIT)
+ */
+
+/** Return hardcoded shipping methods. */
+require(dirname(__FILE__) . '/../init_example.php');
+
+$hmacHeader = @$_SERVER['HTTP_X_BOLT_HMAC_SHA256'];
+
+$signatureVerifier = new \BoltPay\SignatureVerifier(
+    \BoltPay\Bolt::$signingSecret
+);
+
+$requestJson = file_get_contents('php://input');
+
+if (!$signatureVerifier->verifySignature($requestJson, $hmacHeader)) {
+    throw new Exception("Failed HMAC Authentication");
+}
+$customerId = 2;
+$response = ['id' => $customerId];
+
+header('Content-Type: application/json');
+http_response_code(200);
+echo json_encode($response);
\ No newline at end of file
diff --git a/example/sso/logout.php b/example/sso/logout.php
new file mode 100644
index 0000000..ed01381
--- /dev/null
+++ b/example/sso/logout.php
@@ -0,0 +1,24 @@
+<?php
+/**
+ * Bolt PHP library
+ *
+ * NOTICE OF LICENSE
+ *
+ * This source file is subject to the MIT License (MIT)
+ * that is bundled with this package in the file LICENSE.
+ * It is also available through the world-wide-web at this URL:
+ * https://opensource.org/licenses/MIT
+ *
+ * @category   Bolt
+ * @copyright  Copyright (c) 2018 Bolt Financial, Inc (https://www.bolt.com)
+ * @license    https://opensource.org/licenses/MIT  MIT License (MIT)
+ */
+
+/** Return hardcoded shipping methods. */
+
+require(dirname(__FILE__) . '/../init_example.php');
+session_start();
+$_SESSION['logged_in'] = false;
+$exampleData = new \BoltPay\Example\Data();
+$cartPageURL = $exampleData->getBaseUrl().'/example/cart.php';
+header("Location:$cartPageURL");
\ No newline at end of file
diff --git a/example/sso/oauthredirect.php b/example/sso/oauthredirect.php
new file mode 100644
index 0000000..03b0ae7
--- /dev/null
+++ b/example/sso/oauthredirect.php
@@ -0,0 +1,34 @@
+<?php
+/**
+ * Bolt PHP library
+ *
+ * NOTICE OF LICENSE
+ *
+ * This source file is subject to the MIT License (MIT)
+ * that is bundled with this package in the file LICENSE.
+ * It is also available through the world-wide-web at this URL:
+ * https://opensource.org/licenses/MIT
+ *
+ * @category   Bolt
+ * @copyright  Copyright (c) 2018 Bolt Financial, Inc (https://www.bolt.com)
+ * @license    https://opensource.org/licenses/MIT  MIT License (MIT)
+ */
+
+/** Return hardcoded shipping methods. */
+
+require(dirname(__FILE__) . '/../init_example.php');
+session_start();
+$hmacHeader = @$_SERVER['HTTP_X_BOLT_HMAC_SHA256'];
+
+$signatureVerifier = new \BoltPay\SignatureVerifier(
+    \BoltPay\Bolt::$signingSecret
+);
+
+$requestJson = file_get_contents('php://input');
+$exampleData = new \BoltPay\Example\Data();
+$cartPageURL = $exampleData->getBaseUrl().'/example/cart.php';
+
+$_SESSION['logged_in'] = true;
+header('Content-Type: application/json');
+http_response_code(200);
+header("Location:$cartPageURL");