To allow the Checkout widget to communicate securely with the backend servers that power the delivery options, and for those servers to identify the retailer website making the requests, you must authenticate with them. This authentication step is a server-to-server call that should be made from your web server to GFS' identity server in order to return an access token that is passed to the widget. Because the call is made from your web server, the Client Secret stays on the server and only the access token is passed to the widget. This process uses the industry-standard OAuth 2.0 Client Credentials grant type, so it is well supported in all of the most common languages and frameworks deployed in eCommerce solutions. After registering with GFS Checkout, please contact I.T. Support for provision of a Client ID and Client Secret.
The following code demonstrates authentication with the GFS Identity endpoint using PHP. Note that this code uses cURL rather than the Zend library to show the simplest authentication possible, while remaining agnostic of PHP add-ins.
    <?php
    $endpoint = "https://identity.justshoutgfs.com/connect/token";
    $params = array(
        "client_id" => "CLIENT_ID",
        "client_secret" => "CLIENT_SECRET",
        "grant_type" => "client_credentials",
        "scope" => "read checkout-api");
    $curl = curl_init($endpoint);
    // Return the response body only (no response headers), so that it is valid JSON
    curl_setopt($curl, CURLOPT_HEADER, false);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($curl, CURLOPT_POST, true);
    // Request headers are set with CURLOPT_HTTPHEADER, which takes an array
    curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded'));
    // Keep TLS certificate verification enabled: this request carries the client secret.
    // If validation fails, fix the CA bundle (for example with CURLOPT_CAINFO)
    // rather than uncommenting the line below.
    //curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
    $postData = "";
    // This is needed to properly form post the credentials object
    foreach ($params as $k => $v) {
        $postData .= $k . '=' . urlencode($v) . '&';
    }
    $postData = rtrim($postData, '&');
    curl_setopt($curl, CURLOPT_POSTFIELDS, $postData);
    echo "Performing Request...";
    $json_response = curl_exec($curl);
    $status = curl_getinfo($curl, CURLINFO_HTTP_CODE);
    // Evaluate for success response
    if ($status != 200) {
        throw new Exception("Error: call to URL $endpoint failed with status $status, response $json_response, curl_error " . curl_error($curl) . ", curl_errno " . curl_errno($curl) . "\n");
    }
    curl_close($curl);
    return $json_response;
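A server-side step the request code above leaves out, added here as an example (not GFS' or this page's own code): it validates the token response, assumed to follow RFC 6749 section 5.1, and reuses the token until shortly before `expires_in` elapses instead of requesting one on every page load. The names `parseTokenResponse` and `getAccessToken`, the cache file and the 60-second skew are hypothetical.

```php
<?php
// Added example: hypothetical helpers, not part of the GFS documentation.
// Assumes the token response follows RFC 6749 section 5.1.
function parseTokenResponse(string $body, int $now): array
{
    $data = json_decode($body, true);
    $token = is_array($data) ? ($data['access_token'] ?? null) : null;
    $type = is_array($data) ? ($data['token_type'] ?? null) : null;
    if (!is_string($token) || $token === '') {
        throw new RuntimeException('Token response has no access_token');
    }
    if (!is_string($type) || strcasecmp($type, 'Bearer') !== 0) {
        throw new RuntimeException('Unexpected token_type');
    }
    // A missing or non-positive expires_in means the entry is never reused.
    $ttl = max((int) ($data['expires_in'] ?? 0), 0);
    return ['token' => $token, 'expires_at' => $now + $ttl];
}

// Return a cached token, refreshing it $skew seconds before it expires.
function getAccessToken(string $cacheFile, callable $fetch, int $now, int $skew = 60): string
{
    if (is_readable($cacheFile)) {
        $cached = json_decode((string) file_get_contents($cacheFile), true);
        if (is_array($cached) && is_string($cached['token'] ?? null)
            && (int) ($cached['expires_at'] ?? 0) - $skew > $now) {
            return $cached['token'];
        }
    }
    $entry = parseTokenResponse($fetch(), $now);
    // The token is a bearer credential: keep the cache file owner-only.
    $old = umask(0077);
    file_put_contents($cacheFile, json_encode($entry), LOCK_EX);
    umask($old);
    return $entry['token'];
}

// Constructed sample response; $fetch stands in for the token request.
$calls = 0;
$fetch = function () use (&$calls): string {
    $calls++;
    return '{"access_token":"SAMPLE.TOKEN","expires_in":3600,"token_type":"Bearer"}';
};
$cache = tempnam(sys_get_temp_dir(), 'gfs');
$first = getAccessToken($cache, $fetch, 1000);
$second = getAccessToken($cache, $fetch, 2800); // still valid: read from cache
$third = getAccessToken($cache, $fetch, 4590);  // inside the skew window: refetched
unlink($cache);
// Escape the token before writing it into the access-token attribute.
echo htmlspecialchars($third, ENT_QUOTES), " (token requests: $calls)\n";
```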
The code example below shows how to obtain an access token using .NET and the open-source Identity Server 3 and Identity Model libraries. These can be installed using NuGet.
    using IdentityModel.Client;

    string token = null;
    var client = new TokenClient(
        @"https://identity.justshoutgfs.com/connect/token",
        "CLIENT_ID",
        "CLIENT_SECRET");
    // .Result blocks the calling thread; inside an async method, await the call instead
    var resp = client.RequestClientCredentialsAsync("read checkout-api").Result;
    if (!resp.IsError)
    {
        // Token is the JWT passed into the Checkout widget in the access-token attribute
        token = resp.AccessToken;
    }
    else
    {
        // Handle authentication error
    }