search

davidtsadler / ebay-sdk-php

An eBay SDK for PHP. Use the eBay API in your PHP projects.
Apache License 2.0
350 stars 343 forks source link

Allow OAuth tokens for trading api #67

Closed tudor2004 closed 7 years ago

tudor2004 commented 7 years ago

This PR allows making Trading API calls using the new OAuth token by setting the X-EBAY-API-IAF-TOKEN header and making sure no RequesterCredentials are sent.

davidtsadler commented 7 years ago

Have to admit that I've not come across the X-EBAY-API-IAF-TOKEN header. Does eBay support this? I haven't found anything in the documentation. Is there something that you could point me to so that I can reasearch it a bit more?

tudor2004 commented 7 years ago

Yes, I also haven't found anything in the docs so I requested premium support from them: Here is their response:

To use OAuth token in trading API calls, you will need to: a) pass the OAuth token in the http request header ‘X-EBAY-API-IAF-TOKEN’ b) remove container from request

  1. SOAP request sample: 

    POST https://api.ebay.com/wsapi?callname=GetUser &version=975 &siteid=0  HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: text/xml;charset=UTF-8
SOAPAction: ""
X-EBAY-API-IAF-TOKEN: v^1.1#i^1#I^3#p^3#f^0#r^0#t^H4sIAAAAAAAAAO1  xxxxx
Content-Length: 434
Host: api.sandbox.ebay.com
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:urn="urn:ebay:apis:eBLBaseComponents">
<soapenv:Body>
   <urn:GetUserRequest>
      <urn:Version>975 </urn:Version>
      <urn:MessageID>Soap call - OAuth Token in trading  </urn:MessageID>
      <urn:DetailLevel>ReturnAll </urn:DetailLevel>
   </urn:GetUserRequest >
</soapenv:Body>
</soapenv:Envelope>

  2. XML request sample:

    POST https://api.ebay.com/ws/api.dll HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: text/xml;charset=UTF-8
SOAPAction: ""
X-EBAY-API-COMPATIBILITY-LEVEL : 945
X-EBAY-API-IAF-TOKEN: v^1.1#i^1#I^3#p^3#f^0#r^0#t^H4sIAAAAAAAAAO1  xxxxx
X-EBAY-API-SITEID : 0
X-EBAY-API-CALL-NAME : GetUser
Content-Length: 245
Host: api.ebay.com
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)

<?xml version="1.0" encoding="utf-8"?> 
<GetUserRequest xmlns="urn:ebay:apis:eBLBaseComponents">
<Version>945</Version>
<MessageID>XML call: OAuth Token in trading  </MessageID>
<DetailLevel>ReturnAll </DetailLevel>
</GetUserRequest>

Note: You cannot use Auth &Auth token with Rest API calls. Also, since the Oauth token will expire after every 2 hrs. you will need to implement a flow to renew the Oauth token using Refresh Token before it expires.

davidtsadler commented 7 years ago

Nice. I'm aiming to get a release out this month so I will include this PR.

tudor2004 commented 7 years ago

One last info, do you also plan to include the Marketing API in the new release?

davidtsadler commented 7 years ago

Yep. It's on the develop branch at tbe moment. It will be part of the next release, along with the new REST services.

I'll check to see if other services support the X-EBAY-API-IAF-TOKEN header and will add it if they do.