BIG-27111 Support for retrieving the customer login token

Author: lord2800

composer.json

@@ -12,7 +12,9 @@
         }
     ],
     "require": {
-        "php": ">=5.3.0"
+        "php": ">=5.3.0",
+        "firebase/php-jwt": "~3.0",
+        "paragonie/random_compat": "~2.0"
     },
     "require-dev": {
         "phpunit/phpunit": "4.5.*",

src/Bigcommerce/Api/Client.php

@@ -3,6 +3,7 @@
 namespace Bigcommerce\Api;
 
 use \Exception as Exception;
+use Firebase\JWT\JWT;
 
 /**
  * Bigcommerce API Client.
@@ -60,6 +61,7 @@ class Client
     static private $client_id;
     static private $store_hash;
     static private $auth_token;
+    static private $client_secret;
     static private $stores_prefix = '/stores/%s/v2';
     static private $api_url = 'https://api.bigcommerce.com';
     static private $login_url = 'https://login.bigcommerce.com';
@@ -106,6 +108,9 @@ public static function configureOAuth($settings)
         self::$client_id = $settings['client_id'];
         self::$auth_token = $settings['auth_token'];
         self::$store_hash = $settings['store_hash'];
+
+        self::$client_secret = isset($settings['client_secret']) ? $settings['client_secret'] : null;
+
         self::$api_path = self::$api_url . sprintf(self::$stores_prefix, self::$store_hash);
         self::$connection = false;
     }
@@ -413,6 +418,32 @@ public static function getAuthToken($object)
         return $connection->post(self::$login_url . '/oauth2/token', $context);
     }
 
+    public static function getCustomerLoginToken($id, $redirectUrl = '', $requestIp = '')
+    {
+        if (empty(self::$client_secret)) {
+            throw new Exception('Cannot sign customer login tokens without a client secret');
+        }
+
+        $payload = array(
+            'iss' => self::$client_id,
+            'iat' => time(),
+            'jti' => bin2hex(random_bytes(32)),
+            'operation' => 'customer_login',
+            'store_hash' => self::$store_hash,
+            'customer_id' => $id
+        );
+
+        if (!empty($redirectUrl)) {
+            $payload['redirect_to'] = $redirectUrl;
+        }
+
+        if (!empty($requestIp)) {
+            $payload['request_ip'] = $requestIp;
+        }
+
+        return JWT::encode($payload, self::$client_secret, 'HS256');
+    }
+
     /**
      * Pings the time endpoint to test the connection to a store.
      *

src/Bigcommerce/Api/Resources/Customer.php

@@ -34,4 +34,9 @@ public function delete()
     {
         return Client::deleteCustomer($this->id);
     }
+
+    public function getLoginToken()
+    {
+        return Client::getCustomerLoginUrl($this->id);
+    }
 }

test/Unit/Api/ClientTest.php

@@ -118,6 +118,36 @@ public function testGetLastErrorGetsErrorFromConnection()
         $this->assertSame(5, Client::getLastError());
     }
 
+    public function testGetCustomerLoginTokenReturnsValidLoginToken()
+    {
+        Client::configureOAuth(array(
+            'client_id' => '123',
+            'auth_token' => 'def',
+            'store_hash' => 'abc',
+            'client_secret' => 'zyx'
+        ));
+        $expectedPayload = array(
+            'iss' => '123',
+            'operation' => 'customer_login',
+            'store_hash' => 'abc',
+            'customer_id' => 1,
+        );
+        $token = Client::getCustomerLoginToken(1);
+        $actualPayload = (array)\Firebase\JWT\JWT::decode($token, 'zyx', array('HS256'));
+        $this->assertArraySubset($expectedPayload, $actualPayload);
+    }
+
+    public function testGetCustomerLoginTokenThrowsIfNoClientSecret()
+    {
+        Client::configureOAuth(array(
+            'client_id' => '123',
+            'auth_token' => 'def',
+            'store_hash' => 'abc'
+        ));
+        $this->setExpectedException('\Exception', 'Cannot sign customer login tokens without a client secret');
+        Client::getCustomerLoginToken(1);
+    }
+
     public function testGetResourceReturnsSpecifiedType()
     {
         $this->connection->expects($this->once())