Merge branch 'release/v2.5.0'

Author: jenschude

.travis.yml

@@ -2,9 +2,9 @@ dist: trusty
 sudo: false
 language: php
 php:
-- 7.0
-- 5.6
-- 7.1
+- 7.0.31
+- 5.6.37
+- 7.1.18
 - 7.2
 - hhvm
 - nightly
@@ -31,17 +31,17 @@ before_install:
 before_script:
 - composer config -g github-oauth.github.com $GITHUB_OAUTH_TOKEN
 - if [ $GUZZLE == '5' ] ; then ./set_guzzle5.sh; fi
-- if [ $PHP != 'nightly' ] && [ $PHP != '7.1' ]; then composer global require hirak/prestissimo; fi
 - if [ $GUZZLE == '5' ] ; then composer update -o --prefer-dist --prefer-lowest; fi
 - if [ $GUZZLE != '5' ] ; then composer install -o --prefer-dist; fi
 script:
-- if [ $PHP == '7.1' ] && [ $GUZZLE == '6' ]; then ant phpcs-ci; fi
-- if [ $GUZZLE == '5' ] || [ $PHP == '5.6' ] || [ $PHP == 'hhvm' ] ; then vendor/bin/phpunit -c phpunit5.xml.dist --testsuite=unit; fi
-- if [ $GUZZLE == '6' ] && [ $PHP != '5.6' ] ; then vendor/bin/phpunit --testsuite=unit; fi
-- if [ $PHP == '7.0' ] && [ $GUZZLE == '6' ] && [ $TRAVIS_PULL_REQUEST == 'false' ]; then vendor/bin/phpunit --testsuite=integration; fi
+- if [ $PHP == '7.1.18' ] && [ $GUZZLE == '6' ]; then ant phpcs-ci; fi
+- if [ $GUZZLE == '5' ] || [ $PHP == '5.6.37' ] || [ $PHP == 'hhvm' ] ; then vendor/bin/phpunit -c phpunit5.xml.dist --testsuite=unit; fi
+- if [ $GUZZLE == '6' ] && [ $PHP != '5.6.37' ] ; then vendor/bin/phpunit --testsuite=unit; fi
+- if [ $PHP == '7.0.31' ] && [ $GUZZLE == '6' ] && [ $TRAVIS_PULL_REQUEST == 'false' ]; then vendor/bin/phpunit --testsuite=integration; fi
 - ant behat
+- bin/ctp-tlscheck.php
 before_deploy:
-  - if [ $(phpenv version-name) = "7.1" ] ; then ant apigen; fi
+  - if [ $(phpenv version-name) = "7.1.18" ] ; then ant apigen; fi
 deploy:
   - provider: script
     skip_cleanup: true

CHANGELOG.md

@@ -1,3 +1,24 @@
+<a name="2.5.0"></a>
+# [2.5.0](https://github.com/commercetools/commercetools-php-sdk/compare/v2.4.0...v2.5.0) (2018-08-16)
+
+
+### Features
+
+* **Cart:** support multiple shipping addresses ([20014da](https://github.com/commercetools/commercetools-php-sdk/commit/20014da))
+* **Extension:** support API extensions  ([9ca58c8](https://github.com/commercetools/commercetools-php-sdk/commit/9ca58c8)), closes [#365](https://github.com/commercetools/commercetools-php-sdk/issues/365)
+* **Money:** support high precision money ([95722b9](https://github.com/commercetools/commercetools-php-sdk/commit/95722b9)), closes [#410](https://github.com/commercetools/commercetools-php-sdk/issues/410)
+* **Order:** support multiple shipping addresses ([d98c259](https://github.com/commercetools/commercetools-php-sdk/commit/d98c259))
+* **OrderFromCart:** support state, orderState, shipmentState at OrderCreateFromCart ([5fd4375](https://github.com/commercetools/commercetools-php-sdk/commit/5fd4375)), closes [#412](https://github.com/commercetools/commercetools-php-sdk/issues/412) [#417](https://github.com/commercetools/commercetools-php-sdk/issues/417)
+* **ProductDiscount:** add setValidFromAndUntil update action ([1e54656](https://github.com/commercetools/commercetools-php-sdk/commit/1e54656))
+* **ProductDiscounts:** add endpoint for Matching ProductDiscount ([9258a62](https://github.com/commercetools/commercetools-php-sdk/commit/9258a62))
+* **Request:** add GDPR dataErasure flag ([5d35ea1](https://github.com/commercetools/commercetools-php-sdk/commit/5d35ea1)), closes [#411](https://github.com/commercetools/commercetools-php-sdk/issues/411)
+* **ShoppingList:** support AnonymousId on ShoppingList owner ([efd2565](https://github.com/commercetools/commercetools-php-sdk/commit/efd2565))
+* **Subscription:** add Google Cloud PubSub destination ([585501a](https://github.com/commercetools/commercetools-php-sdk/commit/585501a)), closes [#418](https://github.com/commercetools/commercetools-php-sdk/issues/418)
+* **Subscription:** add modifiedAt to change subscription payloads ([602303a](https://github.com/commercetools/commercetools-php-sdk/commit/602303a)), closes [#416](https://github.com/commercetools/commercetools-php-sdk/issues/416)
+* **Subscription:** add payloadNotIncluded to message delivery ([60e207b](https://github.com/commercetools/commercetools-php-sdk/commit/60e207b)), closes [#413](https://github.com/commercetools/commercetools-php-sdk/issues/413)
+
+
+
 <a name="2.4.0"></a>
 # [2.4.0](https://github.com/commercetools/commercetools-php-sdk/compare/v2.3.0...v2.4.0) (2018-05-31)
 

README.md

@@ -62,7 +62,8 @@ Please read the [Changelog](CHANGELOG.md) before updating in any case.
 
 ### Getting started
 
-To get up and running, [create a free test project](http://admin.sphere.io) on the commercetools platform with API credentials (Menu "Developers"->"API Clients").
+To get up and running, create a free test project ([EU located](https://admin.commercetools.com/en/signup) or [US located](https://admin.commercetools.co/en/signup)) on the commercetools platform. To generate your API credentials go to [EU Merchant Center](https://mc.commercetools.com/) or [US Merchant Center](https://mc.commercetools.co/) (Menu "Settings"->"Developer Settings"->"API Clients"->"Create New Api Client").
+You need to select the template for the "Admin client".
 
 ```php
 <?php
@@ -104,6 +105,18 @@ foreach ($products as $product) {
 
 ```
 
+If you prefer not to have a client with all admin rights, you need to explicitly include the client's permission scopes that you selected when creating the client, on the client's configuration:
+
+```php
+<?php
+$config = [
+    'client_id' => 'my client id',
+    'client_secret' => 'my client secret',
+    'project' => 'my project id',
+    'scope' => 'permission_scope and_another_scope'
+];
+```
+
 In real world, you will not put your API credentials directly into code but use a config file or your framework's config or dependency injection system for that.
 
 #### Using the phar distribution
@@ -118,8 +131,8 @@ require __DIR__ . '/commercetools-php-sdk.phar';
 
 $config = \Commercetools\Core\Config::fromArray([
     'client_id' => 'myClientId',
-     'client_secret' => 'myClientSecret',
-      'project' => 'myProjectId'
+    'client_secret' => 'myClientSecret',
+    'project' => 'myProjectId'
 ]);
 $client = \Commercetools\Core\Client::ofConfig($config);
 $request = \Commercetools\Core\Request\Project\ProjectGetRequest::of();

bin/ctp-tlscheck.php

@@ -0,0 +1,160 @@
+#!/usr/bin/env php
+<?php
+
+class Tls12Checker
+{
+    const API_URI = 'api-tls12.commercetools.com';
+
+    const URIS = [
+        'auth-tls12.commercetools.com',
+        'api-tls12.commercetools.com',
+        'auth-tls12.commercetools.co',
+        'api-tls12.commercetools.co',
+        'api.sphere.io',
+        'api.commercetools.co',
+    ];
+
+    public function allowedCiphers()
+    {
+        return [
+            'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA',
+            'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256',
+            'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA',
+            'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384',
+            'TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256',
+            'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA',
+            'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256',
+            'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA',
+            'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384',
+            'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256',
+        ];
+    }
+
+    /**
+     * @return array
+     * @throws \Exception
+     */
+    private function getSupportedCiphers()
+    {
+        $ch = curl_init();
+        curl_setopt($ch, CURLOPT_URL, "https://www.howsmyssl.com/a/check");
+        curl_setopt($ch, CURLOPT_SSLVERSION, 6);
+        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+        $response = curl_exec($ch);
+        curl_close($ch);
+        $tlsInfo = json_decode($response, true);
+
+        if ($response === false) {
+            throw new \Exception('Connection not connect using TLS 1.2', 1);
+        }
+
+        return isset($tlsInfo['given_cipher_suites']) ? $tlsInfo['given_cipher_suites'] : [];
+    }
+
+    /**
+     * @throws \Exception
+     */
+    private function checkCiphers()
+    {
+        $supportedCiphers = $this->getSupportedCiphers();
+        $allowedCiphers = $this->allowedCiphers();
+
+        $diff = array_diff($allowedCiphers, $supportedCiphers);
+
+        if (count($diff) < count($allowedCiphers)) {
+            return;
+        };
+        throw new \Exception('None of the allowed cipher suites are supported by curl: ' . implode(', ', $allowedCiphers), 1);
+    }
+
+    /**
+     * @param string $apiUri
+     * @param string $cipher
+     * @throws Exception
+     */
+    private function checkApiConnection($apiUri = self::API_URI, $cipher = null)
+    {
+        $ch = curl_init();
+        curl_setopt($ch, CURLOPT_URL, 'https://' . $apiUri);
+        curl_setopt($ch, CURLOPT_SSLVERSION, 6);
+        if (!is_null($cipher)) {
+            curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, $cipher);
+        }
+        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+        $response = curl_exec($ch);
+        curl_close($ch);
+
+        if ($response == false) {
+            throw new \Exception('Could not connect not connect to API using TLS 1.2' . (is_null($cipher) ? '' : ' with cipher ' . $cipher), 1);
+        }
+    }
+
+    private function checkCurlVersion()
+    {
+        $curlVersion = curl_version();
+        $supportsTLS12 = true;
+        if (version_compare(curl_version()['version'], '7.34.0', '<')) {
+            $supportsTLS12 = false;
+        }
+        echo 'Curl version: ' . ($supportsTLS12 ? "\033[32m" : "\033[31m") . curl_version()['version'] . "\033[0m" . ($supportsTLS12 ? '' : '(TLS 1.2 not supported)') . PHP_EOL;
+
+        if (isset($curlVersion['ssl_version'])) {
+            echo 'Curl SSL Library: ' . curl_version()['ssl_version'] . PHP_EOL;
+        }
+    }
+
+    /**
+     * @return int
+     */
+    public function check()
+    {
+        $this->checkCurlVersion();
+
+        echo "Checking TLS 1.2 connection ... ";
+        try {
+            $this->checkCiphers();
+            foreach (self::URIS as $uri) {
+                $this->checkApiConnection($uri);
+            }
+        } catch (\Exception $exception) {
+            echo "\033[31mFailed\033[0m" . PHP_EOL;
+            echo $exception->getMessage() . PHP_EOL;
+            return (int)$exception->getCode();
+        }
+
+        echo "\033[32mOK\033[0m" . PHP_EOL;
+
+        return 0;
+    }
+
+//    private function availableCiphers()
+//    {
+//        $localCiphers = explode(' ', exec('openssl ciphers \'ALL:eNULL\' | tr \':\' \' \''));
+//        $allowedCiphers = [];
+//        foreach ($localCiphers as $localCipher) {
+//            exec('echo -n | openssl s_client -connect ' . self::API_URI . ':443 -cipher ' . $localCipher . ' -tls1_2 2>&1', $dummy, $status);
+//            if ($status === 0) {
+//                $allowedCiphers[] = $localCipher;
+//            }
+//        }
+//
+//        return $allowedCiphers;
+//    }
+//
+//    private function checkAvailableCiphers()
+//    {
+//        $availableCiphers = $this->availableCiphers();
+//        foreach ($availableCiphers as $cipher) {
+//            echo 'Testing ' . $cipher . '...';
+//            try {
+//                $this->checkApiConnection(self::API_URI, $cipher);
+//                echo "\033[32mOK\033[0m" . PHP_EOL;
+//            } catch (\Exception $exception) {
+//                echo "\033[31mFailed\033[0m" . PHP_EOL;
+//            }
+//        }
+//    }
+}
+
+$checker = new Tls12Checker();
+exit($checker->check());

build.xml

@@ -64,7 +64,7 @@
         <exec executable="${toolsdir}phpcs${execPostfix}" failonerror="true">
             <arg value="--standard=PSR2" />
             <arg value="--extensions=php" />
-            <arg value="--ignore=autoload.php" />
+            <arg value="--ignore=autoload.php,src/Core/Builder" />
             <arg path="${basedir}/src" />
             <arg path="${basedir}/tests" />
         </exec>
@@ -76,7 +76,7 @@
         <exec executable="${toolsdir}phpcs${execPostfix}" failonerror="true">
             <arg value="--standard=PSR2" />
             <arg value="--extensions=php" />
-            <arg value="--ignore=autoload.php" />
+            <arg value="--ignore=autoload.php,src/Core/Builder" />
             <arg path="${basedir}/src" />
         </exec>
     </target>

composer.json

@@ -30,7 +30,7 @@
   "require": {
     "php": ">=5.6",
     "psr/log": "^1.0",
-    "guzzlehttp/guzzle": "^6.0 || ^5.3.1",
+    "guzzlehttp/guzzle": "^6.0 || ^5.3.3",
     "guzzlehttp/psr7": "^1.1",
     "psr/cache": "^1.0",
     "psr/simple-cache": "^1.0",
@@ -59,6 +59,9 @@
   "replaces": {
     "commercetools/commons": "*"
   },
+  "bin": [
+    "bin/ctp-tlscheck.php"
+  ],
   "suggest": {
     "cache/redis-adapter": "For usage of a redis server to store the client access token",
     "cache/doctrine-adapter": "For usage of a doctrine cache instance to store the client access token"

package.json

@@ -1,6 +1,6 @@
 {
   "name": "commercetools-php-sdk-changelog",
-  "version": "2.4.0",
+  "version": "2.6.0",
   "description": "commercetools PHP SDK changelog generator package description",
   "homepage": "https://github.com/commercetools/commercetools-php-sdk",
   "bugs": "https://github.com/commercetools/commercetools-php-sdk/issues",

set_guzzle5.sh

@@ -1,4 +1,4 @@
 #!/bin/bash
 SRC='"guzzlehttp/guzzle": "^6.0"'
-DST='"guzzlehttp/guzzle": "^5.3.1", "react/promise": "^2.2.0"'
+DST='"guzzlehttp/guzzle": "^5.3.3", "react/promise": "^2.2.0"'
 sed -ibak -e "s|$SRC|$DST|g" composer.json

src/Core/AbstractHttpClient.php

@@ -14,7 +14,7 @@
  */
 abstract class AbstractHttpClient
 {
-    const VERSION = '2.4.0';
+    const VERSION = '2.5.0';
 
     /**
      * @var AdapterInterface