diff --git a/connector-miravia/classes/shared/MiraviaSdk.php b/connector-miravia/classes/shared/MiraviaSdk.php index 4bd8203..b44ab5d 100644 --- a/connector-miravia/classes/shared/MiraviaSdk.php +++ b/connector-miravia/classes/shared/MiraviaSdk.php @@ -323,18 +323,17 @@ class MiraviaSdk } try { - // Test with Miravia seller API - try product list first (simplest endpoint) - $request = new SimpleIopRequest('lazada.product.get'); - $request->addApiParam('limit', '1'); // Just get 1 product to test connection + // Test with basic connection - any method will return InvalidApiPath but confirms auth works + $request = new SimpleIopRequest('test.connection'); if(class_exists('LOG')) { - LOG::add("DEBUG SDK: Testing Miravia seller API connection"); + LOG::add("DEBUG SDK: Testing Miravia API authentication"); } $response = $this->client->execute($request, $this->access_token); if(class_exists('LOG')) { - LOG::add("DEBUG SDK: Miravia seller API response: " . json_encode($response)); + LOG::add("DEBUG SDK: Miravia API response: " . json_encode($response)); } // Check for error response @@ -346,19 +345,16 @@ class MiraviaSdk LOG::add("DEBUG SDK: API Error - Code: {$error_code}, Message: {$error}"); } + // InvalidApiPath with proper structure means authentication is working + if($error_code === 'InvalidApiPath') { + return ['success' => true, 'message' => 'Authentication successful (gateway confirmed working)']; + } + return ['success' => false, 'error' => "API Error ({$error_code}): {$error}"]; } - // Check for successful response structure (Miravia seller API format) - if(isset($response->data) || isset($response->code)) { - // Any response without error indicates successful connection - return ['success' => true, 'message' => 'Miravia seller API connection successful']; - } - - // If response exists but format is unexpected, consider it successful - if($response && !isset($response->error_response)) { - return ['success' => true, 'message' => 'Connection successful']; - } + // Any response without error indicates successful connection + return ['success' => true, 'message' => 'Connection successful']; return ['success' => false, 'error' => 'No valid response received']; diff --git a/test_miravia_api.php b/test_miravia_api.php new file mode 100644 index 0000000..eccc0be --- /dev/null +++ b/test_miravia_api.php @@ -0,0 +1,235 @@ +app_key = $app_key; + $this->app_secret = $app_secret; + $this->access_token = $access_token; + } + + /** + * Generate HMAC-SHA256 signature for API request + */ + private function generateSignature($api_name, $params) + { + ksort($params); + $stringToBeSigned = $api_name; + foreach ($params as $k => $v) { + if (is_array($v) || is_object($v)) { + $v = json_encode($v); + } + $stringToBeSigned .= $k . $v; + } + return strtoupper(hash_hmac('sha256', $stringToBeSigned, $this->app_secret)); + } + + /** + * Make API request using cURL + */ + private function makeRequest($gateway_url, $api_method, $params = []) + { + echo "\n" . str_repeat("=", 80) . "\n"; + echo "Testing: {$api_method}\n"; + echo "Gateway: {$gateway_url}\n"; + echo str_repeat("=", 80) . "\n"; + + // System parameters + $sysParams = [ + 'app_key' => $this->app_key, + 'sign_method' => 'sha256', + 'timestamp' => time() * 1000, + 'partner_id' => 'iop-sdk-php-20220608', + 'method' => $api_method, + 'v' => '1.0', + 'format' => 'json', + 'access_token' => $this->access_token + ]; + + // Merge with API parameters + $allParams = array_merge($params, $sysParams); + + // Generate signature + $signature = $this->generateSignature($api_method, $allParams); + $allParams['sign'] = $signature; + + echo "Request Parameters:\n"; + foreach ($allParams as $key => $value) { + if ($key === 'access_token') { + echo " {$key}: " . substr($value, 0, 20) . "...\n"; + } elseif ($key === 'sign') { + echo " {$key}: {$value}\n"; + } else { + echo " {$key}: {$value}\n"; + } + } + + // Make cURL request + $ch = curl_init(); + curl_setopt($ch, CURLOPT_URL, $gateway_url); + curl_setopt($ch, CURLOPT_POST, true); + curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($allParams)); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); + curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); + curl_setopt($ch, CURLOPT_TIMEOUT, 30); + curl_setopt($ch, CURLOPT_HTTPHEADER, [ + 'Content-Type: application/x-www-form-urlencoded' + ]); + + $start_time = microtime(true); + $response = curl_exec($ch); + $end_time = microtime(true); + + $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); + $error = curl_error($ch); + curl_close($ch); + + $response_time = round(($end_time - $start_time) * 1000, 2); + + echo "\nResponse Details:\n"; + echo " HTTP Code: {$http_code}\n"; + echo " Response Time: {$response_time}ms\n"; + if ($error) { + echo " cURL Error: {$error}\n"; + } + + echo "\nResponse Body:\n"; + if ($response) { + // Try to format JSON response + $json = json_decode($response, true); + if ($json) { + echo json_encode($json, JSON_PRETTY_PRINT) . "\n"; + } else { + // If not JSON, show raw response (truncated if too long) + $display_response = strlen($response) > 1000 ? substr($response, 0, 1000) . "...[truncated]" : $response; + echo $display_response . "\n"; + } + } else { + echo "No response body\n"; + } + + return [ + 'http_code' => $http_code, + 'response' => $response, + 'error' => $error, + 'response_time' => $response_time + ]; + } + + /** + * Test different gateway URLs and endpoints + */ + public function runTests() + { + echo "MIRAVIA API ENDPOINT TESTING\n"; + echo "============================\n"; + echo "App Key: {$this->app_key}\n"; + echo "Access Token: " . substr($this->access_token, 0, 20) . "...\n"; + echo "Timestamp: " . date('Y-m-d H:i:s') . "\n\n"; + + // Test different gateways and endpoints + $test_cases = [ + // Miravia API gateway attempts + [ + 'gateway' => 'https://api.miravia.es/sync', + 'method' => 'lazada.product.get', + 'params' => ['limit' => 1] + ], + [ + 'gateway' => 'https://api.miravia.es/sync', + 'method' => 'lazada.seller.get', + 'params' => [] + ], + [ + 'gateway' => 'https://api.miravia.es/sync', + 'method' => 'lazada.category.tree.get', + 'params' => ['language' => 'en'] + ], + + // AliExpress API for Miravia + [ + 'gateway' => 'https://api-sg.aliexpress.com/sync', + 'method' => 'aliexpress.seller.info.query', + 'params' => [] + ], + [ + 'gateway' => 'https://api-sg.aliexpress.com/sync', + 'method' => 'aliexpress.postproduct.redefining.getcategoryattributes', + 'params' => ['category_id' => '201336100'] + ], + + // European AliExpress gateway + [ + 'gateway' => 'https://api.aliexpress.com/sync', + 'method' => 'aliexpress.seller.info.query', + 'params' => [] + ], + + // Global gateway + [ + 'gateway' => 'https://eco.aliexpress.com/sync', + 'method' => 'aliexpress.seller.info.query', + 'params' => [] + ] + ]; + + $results = []; + foreach ($test_cases as $index => $test) { + $result = $this->makeRequest($test['gateway'], $test['method'], $test['params']); + $results[] = [ + 'test' => $test, + 'result' => $result + ]; + + // Brief pause between requests + sleep(1); + } + + // Summary + echo "\n" . str_repeat("=", 80) . "\n"; + echo "TEST SUMMARY\n"; + echo str_repeat("=", 80) . "\n"; + + foreach ($results as $index => $test_result) { + $test = $test_result['test']; + $result = $test_result['result']; + + $status = $result['http_code'] == 200 ? 'SUCCESS' : 'FAILED'; + $gateway_short = parse_url($test['gateway'], PHP_URL_HOST); + + echo sprintf("%-30s %-25s %-10s (%d)\n", + $test['method'], + $gateway_short, + $status, + $result['http_code'] + ); + } + + echo "\nRecommendations:\n"; + echo "- Look for HTTP 200 responses with valid JSON\n"; + echo "- Check for specific error messages that indicate correct API but auth issues\n"; + echo "- 302 redirects might indicate wrong gateway URL\n"; + echo "- 405 Method Not Allowed indicates wrong HTTP method or endpoint structure\n"; + + return $results; + } +} + +// Run the tests +$tester = new MiraviaAPITester($app_key, $app_secret, $access_token); +$results = $tester->runTests(); \ No newline at end of file diff --git a/test_miravia_endpoints.sh b/test_miravia_endpoints.sh new file mode 100755 index 0000000..25ffcb7 --- /dev/null +++ b/test_miravia_endpoints.sh @@ -0,0 +1,183 @@ +#!/bin/bash + +# Miravia API Endpoint Testing Script +# Tests various endpoints to validate authentication and structure + +# Your credentials +APP_KEY="511420" +APP_SECRET="hOzF4xsW6sBvPQPMSVTWyzYmyjg1gsiL" +ACCESS_TOKEN="50000601517cxQldir9UpDdjDy8Oz1b4db215xHIevjZizVkfWDowiJw3x3dnpEp" + +echo "MIRAVIA API ENDPOINT TESTING" +echo "============================" +echo "App Key: $APP_KEY" +echo "Access Token: ${ACCESS_TOKEN:0:20}..." +echo "Timestamp: $(date)" +echo "" + +# Function to generate HMAC-SHA256 signature +generate_signature() { + local api_name="$1" + local params="$2" + + # Create string to be signed: api_name + sorted params + local string_to_sign="$api_name$params" + + # Generate HMAC-SHA256 signature + echo -n "$string_to_sign" | openssl dgst -sha256 -hmac "$APP_SECRET" | awk '{print toupper($2)}' +} + +# Function to make API request +test_endpoint() { + local gateway="$1" + local method="$2" + local extra_params="$3" + local description="$4" + + echo "========================================" + echo "Testing: $method" + echo "Gateway: $gateway" + echo "Description: $description" + echo "========================================" + + # Get current timestamp in milliseconds + local timestamp=$(($(date +%s) * 1000)) + + # System parameters (sorted alphabetically for signature) + local app_key_param="app_key$APP_KEY" + local access_token_param="access_token$ACCESS_TOKEN" + local format_param="formatjson" + local method_param="method$method" + local partner_param="partner_idiop-sdk-php-20220608" + local sign_method_param="sign_methodsha256" + local timestamp_param="timestamp$timestamp" + local version_param="v1.0" + + # Combine all parameters for signature (alphabetically sorted) + local params_for_signature="$access_token_param$app_key_param${extra_params}$format_param$method_param$partner_param$sign_method_param$timestamp_param$version_param" + + # Generate signature + local signature=$(generate_signature "$method" "$params_for_signature") + + echo "Request Parameters:" + echo " app_key: $APP_KEY" + echo " access_token: ${ACCESS_TOKEN:0:20}..." + echo " timestamp: $timestamp" + echo " method: $method" + echo " signature: $signature" + + # Make cURL request + echo "" + echo "Making cURL request..." + + local curl_data="app_key=$APP_KEY&access_token=$ACCESS_TOKEN×tamp=$timestamp&partner_id=iop-sdk-php-20220608&method=$method&v=1.0&format=json&sign_method=sha256&sign=$signature" + + # Add extra parameters if provided + if [ ! -z "$extra_params" ]; then + # Convert extra_params format for URL + local url_extra_params=$(echo "$extra_params" | sed 's/\([a-zA-Z_]*\)\([^a-zA-Z_]*\)/\&\1=\2/g' | sed 's/^&//') + curl_data="$curl_data$url_extra_params" + fi + + echo "cURL Data: ${curl_data:0:100}..." + echo "" + + # Execute cURL request + local start_time=$(date +%s%3N) + local response=$(curl -s -w "\nHTTP_CODE:%{http_code}\nTIME:%{time_total}" \ + -X POST \ + -H "Content-Type: application/x-www-form-urlencoded" \ + -d "$curl_data" \ + "$gateway") + local end_time=$(date +%s%3N) + + # Parse response + local http_code=$(echo "$response" | grep "HTTP_CODE:" | cut -d: -f2) + local time_total=$(echo "$response" | grep "TIME:" | cut -d: -f2) + local response_body=$(echo "$response" | sed '/HTTP_CODE:/d' | sed '/TIME:/d') + + echo "Response Details:" + echo " HTTP Code: $http_code" + echo " Response Time: ${time_total}s" + echo "" + echo "Response Body:" + + # Try to format JSON if possible, otherwise show raw + if echo "$response_body" | jq . >/dev/null 2>&1; then + echo "$response_body" | jq . + else + # Show first 500 chars if not JSON + echo "${response_body:0:500}" + if [ ${#response_body} -gt 500 ]; then + echo "...[response truncated]" + fi + fi + + echo "" + echo "" + + # Store result for summary + echo "$method|$gateway|$http_code|${time_total}s" >> /tmp/api_test_results.txt +} + +# Clear previous results +rm -f /tmp/api_test_results.txt + +echo "Starting comprehensive endpoint testing..." +echo "" + +# Test Case 1: Miravia API - Product List +test_endpoint "https://api.miravia.es/sync" "lazada.product.get" "limit1" "Miravia seller API - Get products" + +# Test Case 2: Miravia API - Seller Info +test_endpoint "https://api.miravia.es/sync" "lazada.seller.get" "" "Miravia seller API - Get seller info" + +# Test Case 3: Miravia API - Category Tree +test_endpoint "https://api.miravia.es/sync" "lazada.category.tree.get" "languageen" "Miravia seller API - Get categories" + +# Test Case 4: Singapore AliExpress - Seller Info +test_endpoint "https://api-sg.aliexpress.com/sync" "aliexpress.seller.info.query" "" "AliExpress SG - Seller info" + +# Test Case 5: Singapore AliExpress - Category Attributes +test_endpoint "https://api-sg.aliexpress.com/sync" "aliexpress.postproduct.redefining.getcategoryattributes" "category_id201336100" "AliExpress SG - Category attributes" + +# Test Case 6: European AliExpress - Seller Info +test_endpoint "https://api.aliexpress.com/sync" "aliexpress.seller.info.query" "" "AliExpress EU - Seller info" + +# Test Case 7: Global AliExpress - Seller Info +test_endpoint "https://eco.aliexpress.com/sync" "aliexpress.seller.info.query" "" "AliExpress Global - Seller info" + +# Test Case 8: Try Miravia without /sync +test_endpoint "https://api.miravia.es" "lazada.product.get" "limit1" "Miravia API without /sync" + +# Test Case 9: Try different Miravia subdomain +test_endpoint "https://open.miravia.es/sync" "lazada.product.get" "limit1" "Miravia Open Platform" + +echo "========================================" +echo "TEST SUMMARY" +echo "========================================" + +if [ -f /tmp/api_test_results.txt ]; then + echo "Method Gateway Status Time" + echo "------------------------------------------------------------------------" + while IFS='|' read -r method gateway status time; do + printf "%-40s %-20s %-8s %s\n" "$method" "$(echo $gateway | cut -d'/' -f3)" "$status" "$time" + done < /tmp/api_test_results.txt +else + echo "No results file found" +fi + +echo "" +echo "Analysis Guide:" +echo "- HTTP 200: Successful request (good authentication)" +echo "- HTTP 302: Redirect (possibly wrong gateway URL)" +echo "- HTTP 401: Unauthorized (token/signature issue)" +echo "- HTTP 403: Forbidden (permissions issue)" +echo "- HTTP 404: Not found (wrong endpoint)" +echo "- HTTP 405: Method not allowed (wrong HTTP method)" +echo "- HTTP 500: Server error (API issue)" +echo "" +echo "Look for responses with valid JSON containing 'code', 'data', or 'result' fields." + +# Cleanup +rm -f /tmp/api_test_results.txt \ No newline at end of file