Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OAuth 2.0 #370

Open
VadimSaratov opened this issue May 2, 2023 · 12 comments
Open

OAuth 2.0 #370

VadimSaratov opened this issue May 2, 2023 · 12 comments

Comments

@VadimSaratov
Copy link

UPS has launched the new API Developer Portal with OpenAPI spec documentation and sandbox environment. In the future, they will no longer distribute access keys and all API integrations will use the OAuth 2.0 security model.

https://developer.ups.com/api/reference/oauth/client-credentials

do you have any plans to implement the OAuth 2.0 model?
@shahtaj-qasim
Copy link

Any update on this topic?

@hellomarb
Copy link

Existing user have time until June 2024, but for new users that will be an issue starting from June 2023.
Is there a way to sponser the integration/development?

@dustingauthier
Copy link

Correct me if I'm wrong, but this repo doesn't look like its maintained anymore. This library uses nodes to create an XML schema that is sent to a UPS API endpoint. From my understanding, UPS will no longer be accepting XML requests. If that's the case, I'd imagine that a rewrite of this library wouldn't really be feasible.

I already have my team working on an in-house solution to tackle this problem. Our previous solution relied heavily on this library, but we're planning to move away from it.

@scottcwilson
Copy link
Contributor

scottcwilson commented Jun 13, 2023
edited
Loading

I believe @dustingauthier is correct. I am reaching out to RocketShipIt, an API provider for multiple shippers, to see if they're going to provide an interface to the new REST APIs from UPS. If so, that might be one migration path for people who need a UPS API.

Update: Yes they are.

@abolabo
Copy link

abolabo commented Oct 12, 2023

You can try to use PHP SDK by AbanteCart team. See repo https://github.com/abantecart/ups-php for details. There example how to obtain access token in the readme.md

@patrickkasl
Copy link

Will follow thread, for updates

@scottcwilson
Copy link
Contributor

If you want to see an example implementation for pulling rates, you can look at the one Zen Cart did.

https://github.com/lat9/upsoauth

@api2cart
Copy link

I think in case you are to continue using OAuth 2.0 you have to be the one to consider your specific requirements, resources and the level of security and control you need in your API integrations. This kind of authentication is vital, provided that it meets your needs when integrating with UPS. Therefore, if you have OAuth 2.0 in mind, then you should choose it.

On top of that, keep in mind, how easy is it to implement, OAuth 2.0 support in your development platform, and the possible outcome on existing integrations or workflows. In case the factors harmonically match with your requirements and abilities, then implementing OAuth 2.0 would be a wise choice.

@cottton
Copy link

cottton commented May 15, 2024

Note: official openapi description at: https://github.com/UPS-API/api-documentation

@jav666
Copy link

jav666 commented May 24, 2024

Will follow thread, for updates

#Me_to

@cottton
Copy link

cottton commented Jun 1, 2024

If you just need to implement a few endpoints of the new UPS API on your own backend:
See (not my video) https://www.youtube.com/watch?v=DNSbsYRqs3k

  1. login at developer.ups.com
  2. go "My Apps"
  3. go "Add Apps"
  4. "I need API credentials because" > "I want to integrate UPS technology into my business"
  5. "Choose an account to associate with these credentials." > {select your account number}
  6. checkbox the agreements ...
  7. "Next" ... and fill out the required details
    (Note: if it comes to the callback url then just put anything in there. You will not need it.)

Now use the documentation examples (for many languages) to get your job done.

  1. get an access_token: https://developer.ups.com/api/reference?loc=en_US#operation/CreateToken
    You want to cache it for expires_in seconds (perhaps minus some leeway, like 10 sec).
  2. look up the endpoint you need (f.e. Tracking or Shipment) and copy an example request.
  3. Play around with the example request and ofc use the token you previously created.

Notes:

  • Documentation Website: The documentation website is a mess. You need to scroll and click and scroll ... something is "broken" there.
  • Tracking Not Found: does not exist. UPS (still) returns 200 OK if the tracking number was not found.
    You will receive a trackResponse.shipment[n].warnings[n].code of "TW0001", and a .message of "Tracking Information Not Found".
  • Create Shipment: ShipmentRequest.Shipment.Package[] expects numeric indexes without gaps and must start with 0.
    Otherwise, you will get a bad request with a message not really telling you the actual cause.
  • Void Shipment: docu says: If more than one tracking number, pass this value as: trackingnumber= ["1ZISUS010330563105","1ZISUS01033056310 8"]
    and they mean it: if you want to send more than one trackingnumber
    then json encode the (f.e. PHP) array of tracking numbers.
    Examples: 
    $url .= '?trackingnumber=1ZISUS010330563105';
$url .= '?trackingnumber=["1ZISUS010330563105","1ZISUS010330563108"]';
  • Label Recovery: Sandbox will return PDF only, what ever you send. Production endpoints return f.e. GIF too.
    (F.e. LabelRecoveryRequest.LabelSpecification.LabelImageFormat.Code with value GIF on sandbox returns PDF)

Have fun =)

@marcelsatgithub
Copy link

marcelsatgithub commented Jul 19, 2024
edited
Loading

Thank u. Now I create the token but can I use it with this library?
There is currently no oauth2 integrated in Ups.php or I seeing this wrong?
Beginning August 5th, 2024, access keys will no longer be supported for authentication.

    $curl = curl_init();

    $payload = "grant_type=client_credentials";

    curl_setopt_array($curl, [
        CURLOPT_HTTPHEADER     => [
            "Content-Type: application/x-www-form-urlencoded",
            "x-merchant-id: string",
            "Authorization: Basic " . base64_encode($this->getClientDatas()['shop_ups_api_client_id'] . ":" . $this->getClientDatas()['shop_ups_api_client_secret'])
        ],
        CURLOPT_POSTFIELDS     => $payload,
        CURLOPT_URL            => "https://wwwcie.ups.com/security/v1/oauth/token",
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_CUSTOMREQUEST  => "POST",
    ]);

    $response = curl_exec($curl);
    $error = curl_error($curl);

    curl_close($curl);

    if ($error) {
        return $this->addErrorMessage($error);
    } else {
        $responseDatas = json_decode($response, true);
        if (isset($responseDatas['response']['errors'])) {
            foreach ($responseDatas['response']['errors'] as $error) {
                $this->addErrorMessage($error['message']);
                return false;
            }
        } else {
            if (isset($responseDatas['access_token'])) {
                $this->setAccessToken($responseDatas['access_token']);
                return true;
            } else {
                return $this->addErrorMessage($error['create_access_token_parameter_error']);
            }
        }
    }

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests