REST API: Testing

This page documents the REST API feature available as of v1.8.10.0 of MageRewards for Magento.
Documentation for the deprecated SOAP API feature, can be found here.

Outline

Testing

Because Magento 1.x uses oAuth 1.0 to authenticate integrating application, testing the API outside of your authenticated application is difficult.

Here, we'll assume you're working in a development environment and are able to use a REST client like Postman to test the MageRewards API end-points. We'll also assume you've already gone through the API Setup and have access to a consumer_key and a consumer_secret.

Warning

This guide is strictly meant to help you. The user is entirely responsible for it's use, so proceed with caution.

  • You should do this only on a development or staging Magento installation.
  • You should remove getToken.php from your server as soon as you're finished testing.

Get oAuth Tokens

First think you'll need is to go through the oAuth process and generate an oAuth token and token_secret. If you have no other tool to help you do this, we've created a script to help you:

  1. Copy & Paste the source below, and into a file named getToken.php and save in your Magento root directory.
  2. Modify the first few lines of the file as instructed.
  3. Access the new file from your browser using an HTTP url. (eg. http://localhost/magento/getToken.php)
    Note: You’ll need PHP oAuth library for this.
    • Install on Mac/Linux/Unix, via PECL: sudo pecl install oauth-1.2.3
    • Install on Windows using this guide.
  4. Once successfully executed from your browser, make note of final Token and Token Secret produced
  5. Important: Remove getToken.php from the server.
    <?php

    /**
    ** DISCLAIMER
    ** ----------
    ** This script is strictly meant to help you. The user is entirely responsible for it's use, so proceed with caution.
    ** * You should use this only on a development or staging Magento installation.
    ** * You should remove this file from your server as soon as you're finished testing.
    **
    **
    ** INSTRUCTIONS
    ** ------------
    ** Change these three variables based on your store URL and consumer you created.
    **/
    $magentoUrl = "http://localhost/magento";
    $consumerKey = 'bc909f819db6bd2fb1f37a167ea4549d';
    $consumerSecret = '73424ff38a7da710373fcba3489b6ce9';



    $callbackUrl = 'http' . (isset($_SERVER['HTTPS']) ? 's' : '') . '://' . "{$_SERVER['HTTP_HOST']}/{$_SERVER['REQUEST_URI']}";
    $temporaryCredentialsRequestUrl = "{$magentoUrl}/oauth/initiate?oauth_callback=" . urlencode($callbackUrl);
    $adminAuthorizationUrl = "{$magentoUrl}/admin/oauth_authorize";
    $accessTokenRequestUrl = "{$magentoUrl}/oauth/token";
    $apiUrl = '{$magentoUrl}/api/rest';


    session_start();
    if (!isset($_GET['oauth_token']) && isset($_SESSION['state']) && $_SESSION['state'] == 1) {
        $_SESSION['state'] = 0;
    }
    try {
        $authType = ($_SESSION['state'] == 2) ? OAUTH_AUTH_TYPE_AUTHORIZATION : OAUTH_AUTH_TYPE_URI;
        $oauthClient = new OAuth($consumerKey, $consumerSecret, OAUTH_SIG_METHOD_HMACSHA1, $authType);
        $oauthClient->enableDebug();

        if (!isset($_GET['oauth_token']) && !$_SESSION['state']) {
            $requestToken = $oauthClient->getRequestToken($temporaryCredentialsRequestUrl);
            $_SESSION['secret'] = $requestToken['oauth_token_secret'];
            $_SESSION['state'] = 1;
            header('Location: ' . $adminAuthorizationUrl . '?oauth_token=' . $requestToken['oauth_token']);
            exit;
        } else if ($_SESSION['state'] == 1) {
            $oauthClient->setToken($_GET['oauth_token'], $_SESSION['secret']);
            $accessToken = $oauthClient->getAccessToken($accessTokenRequestUrl);
            $_SESSION['state'] = 2;
            $_SESSION['token'] = $accessToken['oauth_token'];
            $_SESSION['secret'] = $accessToken['oauth_token_secret'];
            header('Location: ' . $callbackUrl);
            exit;
        } else {
            echo "<pre>";
            echo "Consumer Key: " . print_r($consumerKey, true). "\n";
            echo "Consumer Secret: " . print_r($consumerSecret, true). "\n";
            echo "\n\n";
            echo "Token Key: " . print_r($_SESSION['token'], true). "\n";
            echo "Token Secret: " . print_r($_SESSION['secret'], true). "\n\n";
            unset($_SESSION['state']);
            unset($_SESSION['secret']);
        }
    } catch (OAuthException $e) {
        print_r($e);
    }

Make REST Calls

  1. Download Postman or another REST client.
  2. In the "Authorization" section:
    • Type: Oauth 1.0
    • Supply Consumer Key and Consumer Secret from the Setup process.
    • Supply Token and Token Secret from getToken.php
    • Leave other fields unchanged

  3. In the "Header" section:
    • Add a Content-Type header with the value of application/json.

  4. Make REST requests to one of MageRewards API Resources.
    • For POST and PUT requests, enter "raw" data in the body payload as JSON text.
      Example
                  {
                      "customer_id": "185",
                      "quantity": "1000",
                      "comments": "Points received for making an order.",
                      "status_id": "5",
                      "is_dev_mode": "0"
                  }
      		
  5. In the "Authorization" section:
    • Select "Add params to header"
    • Click "Update Request" button

  6. Click "Send" button

Still need help? Get Help Get Help