From 65aa184c54cdd65551dd0bee6b9e7941107b1597 Mon Sep 17 00:00:00 2001 From: Tolan Blundell Date: Thu, 19 Dec 2024 15:38:49 +0100 Subject: [PATCH 1/2] Add HMRC VAT API auth --- lib/Basket.php | 34 ++++++++++++++++++++++++++++++++- lib/Config/HmrcVatApiConfig.php | 27 ++++++++++++++++++++++++++ tests/BasketTest.php | 12 ++++++++++++ 3 files changed, 72 insertions(+), 1 deletion(-) diff --git a/lib/Basket.php b/lib/Basket.php index 5cb8bad..3793408 100644 --- a/lib/Basket.php +++ b/lib/Basket.php @@ -132,8 +132,39 @@ public function validateVatNumberHandler( $args ) * @param $args */ private function validateGbVatNumber( $args ){ - + + $clientId = $this->state->config->hmrcVatApiConfig->clientId; + $clientSecret = $this->state->config->hmrcVatApiConfig->clientSecret; + $oauthTokenUrl = $this->state->config->hmrcVatApiConfig->oauthTokenUrl; $vatUrl = $this->state->config->hmrcVatApiConfig->vatUrl; + + // Retrieve OAuth token + $optsAr = [ + 'http' => [ + 'method' => 'POST', + 'ignore_errors' => true, // Needed to get body of non-200 responses + 'header' => "Content-Type: application/x-www-form-urlencoded", + 'content' => http_build_query( [ + 'client_id' => $clientId, + 'client_secret' => $clientSecret, + 'grant_type' => 'client_credentials' + ] ) + ] + ]; + $context = stream_context_create( $optsAr ); + + $tokenResRaw = file_get_contents( $oauthTokenUrl, false, $context ); + if( $tokenResRaw === false ){ + $this->log("Unexpected error from HMRC VAT API when attempting to log retrieve OAuth token: Connection failed or no response", LogLevel::ALERT); + $this->vatCheckFailedDueToTechnicalError( $args ); + return; + } + $tokenRes = json_decode( $tokenResRaw ); + if( isset( $tokenRes->error) ){ + $this->log("Unexpected error from HMRC VAT API when attempting to log retrieve OAuth token: {$tokenRes->error} : {$tokenRes->error_description}", LogLevel::ALERT); + $this->vatCheckFailedDueToTechnicalError( $args ); + return; + } // Do VAT check $optsAr = [ 
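Review bot: `$tokenRes = json_decode( $tokenResRaw );` is never checked for a decode failure or for the presence of `access_token` — a non-JSON body (empty response, HTML error page) gives `null`, `isset( $tokenRes->error )` is then false, and the flow continues into the `Authorization: Bearer {$tokenRes->access_token}` header added in the `@@ -142,6 +173,7 @@` hunk with an empty bearer token instead of failing fast. Add a third guard after the error check, `if( ! is_object( $tokenRes ) || empty( $tokenRes->access_token ) ){ $this->log( "Unexpected response from HMRC VAT API when retrieving OAuth token: no access_token in body", LogLevel::ALERT ); $this->vatCheckFailedDueToTechnicalError( $args ); return; }`, so the VAT lookup is never attempted with missing credentials. The token request's `http` stream options set no `timeout`, so a hanging token endpoint blocks the request for the default socket timeout; the VAT check below (outside this hunk) appears to have the same gap. Both new log messages read "attempting to log retrieve OAuth token" — drop "log". The body of validateGbVatNumber continues past the hunk.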
@@ -142,6 +173,7 @@ private function validateGbVatNumber( $args ){ 'ignore_errors' => true, // Needed to get body of non-200 responses 'header' => [ "Accept: application/vnd.hmrc.1.0+json", + "Authorization: Bearer {$tokenRes->access_token}", ] ] ]; diff --git a/lib/Config/HmrcVatApiConfig.php b/lib/Config/HmrcVatApiConfig.php index 970a5d6..54ab00c 100644 --- a/lib/Config/HmrcVatApiConfig.php +++ b/lib/Config/HmrcVatApiConfig.php @@ -30,4 +30,31 @@ class HmrcVatApiConfig extends StructClass */ public $vatUrl; + /** + * OAuth token request URL for HMRC VAT API + * @var string + * + * @Assert\Type( type="string" ) + * @Assert\NotBlank + */ + public $oauthTokenUrl; + + /** + * OAuth client ID for HMRC VAT API + * @var string + * + * @Assert\Type( type="string" ) + * @Assert\NotBlank + */ + public $clientId; + + /** + * OAuth client secret for HMRC VAT API + * @var string + * + * @Assert\Type( type="string" ) + * @Assert\NotBlank + */ + public $clientSecret; + } diff --git a/tests/BasketTest.php b/tests/BasketTest.php index 988b974..896610e 100644 --- a/tests/BasketTest.php +++ b/tests/BasketTest.php @@ -848,6 +848,13 @@ private function prepareBasket( bool $passTemplatesAsConfig = false ) { + if( ! getenv('hmrc_client_id') ){ + throw new \Exception( "Please set the hmrc_client_id environment variable" ); + } + if( ! getenv('hmrc_client_secret') ){ + throw new \Exception( "Please set the hmrc_client_secret environment variable" ); + } + if( ! getenv('hmrc_use_live_api') ){ throw new \Exception( "Please set the hmrc_use_live_api environment variable" ); } 
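Review bot: `public $clientSecret;` is an untyped public property holding a credential, so any code that dumps or serialises the config object (debug output, exception context, or whatever StructClass does when reporting validation results — not visible here) would expose it alongside the harmless `vatUrl`. The docblock should say so explicitly, e.g. `* Sensitive: never log, dump or serialise this value; load it from the environment or a secret store, not from committed config.`, and if StructClass allows overriding `__debugInfo()` the value should be masked there. The same note applies in weaker form to `clientId`, which together with the secret forms the full credential pair.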
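Review bot: Throwing from `prepareBasket` when `hmrc_client_id` or `hmrc_client_secret` is unset makes every test that builds a basket error out on a machine without HMRC credentials, rather than only the HMRC-dependent ones being skipped; this follows the pre-existing `hmrc_use_live_api` pattern, so it is a style point rather than a regression. If this class is a PHPUnit TestCase, `$this->markTestSkipped( "hmrc_client_id and hmrc_client_secret must be set" );` would let the rest of the suite run and report the skip clearly. The body of prepareBasket continues past the hunk.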
@@ -855,9 +862,11 @@ private function prepareBasket( $useHmrcLiveApi = strtolower(getenv('hmrc_use_live_api')); if( $useHmrcLiveApi === "true" ){ $vatUrl = "https://api.service.hmrc.gov.uk/organisations/vat/check-vat-number/lookup/"; + $oauthTokenUrl = "https://api.service.hmrc.gov.uk/oauth/token"; $this->validUkVatNumber = "569953277"; // Vodafone UK's VAT number }else{ $vatUrl = "https://test-api.service.hmrc.gov.uk/organisations/vat/check-vat-number/lookup/"; + $oauthTokenUrl = "https://test-api.service.hmrc.gov.uk/oauth/token"; $this->validUkVatNumber = "166804280212"; // 166804280212 is a test vat number for use with the HMRC VAT API test environment } @@ -880,7 +889,10 @@ private function prepareBasket( 'paymentProviders' => $this->getPaymentProvidersConfig($passTemplatesAsConfig), 'billingAddress' => $billingAddress, 'hmrcVatApiConfig' => [ + "oauthTokenUrl" => $oauthTokenUrl, "vatUrl" => $vatUrl, + "clientId" => getenv('hmrc_client_id'), + "clientSecret" => getenv('hmrc_client_secret'), ], 'geoIpDbPath' => $geoDbPath ]; From e1c4ea0cdf51bd7b2d30f197b1e94a7601140de9 Mon Sep 17 00:00:00 2001 From: Tolan Blundell Date: Thu, 19 Dec 2024 15:43:39 +0100 Subject: [PATCH 2/2] Add auth settings for github actions --- .github/workflows/php.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/php.yml b/.github/workflows/php.yml index 654c1cd..1db1dc2 100644 --- a/.github/workflows/php.yml +++ b/.github/workflows/php.yml @@ -44,5 +44,7 @@ jobs: run: ./vendor/bin/phpunit tests/ env: vatlayer_api_key: ${{ secrets.VATLAYER_API_KEY }} + hmrc_client_id: ${{ secrets.HMRC_CLIENT_ID }} + hmrc_client_secret: ${{ secrets.HMRC_CLIENT_SECRET }} hmrc_use_live_api: false geoip_db_path: /tmp/GeoLite2-Country.mmdb
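Review bot: Repository secrets are not provided to workflow runs triggered by pull requests from forks, so `hmrc_client_id: ${{ secrets.HMRC_CLIENT_ID }}` and `hmrc_client_secret: ${{ secrets.HMRC_CLIENT_SECRET }}` will be empty there and the new `getenv` guards in `tests/BasketTest.php` will throw, failing the PHPUnit step for every fork PR — assuming the workflow runs on `pull_request`, which is outside this hunk. Either gate the HMRC tests to skip when the variables are absent, or document the expectation in the workflow with a comment such as `# HMRC sandbox credentials only; hmrc_use_live_api stays false in CI` so nobody stores live API credentials in these secrets.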