Hi all,

My problems with getting "Log in with PayPal" working.

I have had several phone conversations with PayPal support, and basically they have verified that what I am setting up on both their Developer Web site at:
https://developer.paypal.com/ and my admin side of https://www.shop-dontronics.com  are correct.

I am running V 2.1.0.2 of Opencart and have read, and installed the extension fix given at:
http://www.opencart.com/index.php?route=extension/extension/info&extension_id=25933&filter_search=login%20paypal

I really thought this would fix my problem, but no change.
This simple ocmod patch fixes the Log in with PayPal bug for OC v2.0.0.0 to 2.1.0.2.
But it doesn't fix my problem unfortunately.

I have put together the full details of this problem at:
http://www.dontronics.com/login-with-paypal.htm

I also have a thread running on the Opencart Support Forums at:
http://forum.opencart.com/viewtopic.php?f=191&t=163010

I do have a web developer, but it is beyond his understanding at this stage, as it is mine. We believe there is a coding problem somewhere.
I hope that someone out there can assist me.

Thanks in advance,

Cheers Don...




My Developer Credentials:
(Masked for security of course)








My Opencart admin credentials:
(Masked for security of course)






My Home page error:




Initially, I had the incorrect return URL, and the error message indicated this. When it was corrected, the "Replying Part Validation Error" replaced the incorrect URL error.

And I managed to grab a copy of the URL from my browser. The Client ID matches up correctly, but I have masked it for security. See below:






-2016-05-28

Subject: Re: OpenCart 2.2.0.0 Released!!
http://forum.opencart.com/viewtopic.php?f=2&t=158970&start=20

and the interesting message:
http://prntscr.com/b99pbl
http://forum.opencart.com/viewtopic.php?f=2&t=158970&start=20#p607809

Obviously version 2.2.0.0 fixed the "Log in with Paypal" bug.

There must be a clue in the github code changes, but unfortunately it is beyond me.

Rang Paypal again, and they will get back to me when they aren't busy. :-(

Just posted a message to the above thread:
http://forum.opencart.com/viewtopic.php?f=2&t=158970&start=40#p620403



-2016-06-03

At last. Got this message back from PayPal

Hi Don,

We have tested the details and found that there seems to be some issue with the Client ID. I implemented this instance of the Login with PayPal and am getting an error which mentions that there is an issue with the client ID.

You may need to check the scope of the APP you have created to make sure you have Login Will PayPAl selected. You can also create a new APP and you ca also make sure Login with PayPal is enabled there. I hope this helps fix the issue.

<form action="https://www.paypal.com/webapps/auth/protocol/openidconnect/v1/authorize" method="post">
                                <!--input type="hidden" name="client_id" value="<Your client ID>"/-->
                                <input type="hidden" name="client_id" value=" AQQSJFXXxMBWbyYBiMJ91HVX0xw8zhNpdOzuchb_6WT348WYxpBpQjvn53Hdpli8-DWK2scz4sDQlWvj"/>
                                <input type="hidden" name="response_type" value="code"/>
                                <input type="hidden" name="scope" value="email profile https://uri.paypal.com/services/paypalattributes"/>
                                <input type="hidden" name="redirect_uri" value="final redirect page after loginp"/>
                                <input type="submit" value="Login with PayPal"/>
                </form>

Regards,
Mohammad

============================================================

-2016-06-04
Deleted the old APP and created new credentials on V2.1.0.2 and V 2.2.0.0 but still getting the same error on both carts.

===================================================

-2016-06-04

ocmod.log This is the extension fix added:
----------------------------------------------------------------
MOD: Login with PayPal Endpoint bugfix
FILE: catalog/model/module/pp_login.php
CODE: $endpoint = 'https://api.sandbox.paypal.com/v1/oauth2/token';
LINE: 4
CODE: $endpoint = 'https://api.paypal.com/v1/oauth2/token';
LINE: 6
CODE: CURLOPT_USERPWD    => $this->config->get('pp_login_client_id') . ':' . $this->config->get('pp_login_secret'),
LINE: 17
----------------------------------------------------------------




and:
catalog/model/module/pp_login.php



OK, here is the PP login module:
oc mod log:
catalog/model/module/pp_login.php
http://prntscr.com/bc5y5u

\catalog\model\module\pp_login.php
OK, here is the PP login module:
oc mod log:
catalog/model/module/pp_login.php
http://prntscr.com/bc5y5u

\catalog\model\module\pp_login.php
<?php
class ModelModulePPLogin extends Model {
    public function getTokens($code) {
        if ($this->config->get('pp_login_sandbox')) {
            $endpoint = 'https://api.sandbox.paypal.com/v1/oauth2/token';
        } else {
            $endpoint = 'https://api.paypal.com/v1/oauth2/token';
        }

        $request  = '';
        $request .= 'client_id=' . $this->config->get('pp_login_client_id');
        $request .= '&client_secret=' . $this->config->get('pp_login_secret');
        $request .= '&grant_type=authorization_code';
        $request .= '&code=' . $code;
        $request .= '&redirect_uri=' . urlencode($this->url->link('module/pp_login/login', '', 'SSL'));

        $additional_opts = array(
            CURLOPT_USERPWD    => $this->config->get('pp_login_client_id') . ':' . $this->config->get('pp_login_secret'),
            CURLOPT_POST       => true,
            CURLOPT_POSTFIELDS => $request
        );

        $curl = $this->curl($endpoint, $additional_opts);

        $this->log('cURL Response: ' . print_r($curl, 1));

        return $curl;
    }

    public function getUserInfo($access_token) {
        if ($this->config->get('pp_login_sandbox')) {
            $endpoint = 'https://api.sandbox.paypal.com/v1/identity/openidconnect/userinfo/?schema=openid';
        } else {
            $endpoint = 'https://api.paypal.com/v1/identity/openidconnect/userinfo/?schema=openid';
        }

        $header   = array();
        $header[] = 'Content-Type: application/json';
        $header[] = 'Authorization: Bearer ' . $access_token;

        $additional_opts = array(
            CURLOPT_HTTPHEADER => $header,
        );

        $curl = $this->curl($endpoint, $additional_opts);

        $this->log('cURL Response: ' . print_r($curl, 1));

        return $curl;
    }

    private function curl($endpoint, $additional_opts = array()) {
        $default_opts = array(
            CURLOPT_PORT           => 443,
            CURLOPT_HEADER         => 0,
            CURLOPT_SSL_VERIFYPEER => 0,
            CURLOPT_RETURNTRANSFER => 1,
            CURLOPT_FORBID_REUSE   => 1,
            CURLOPT_FRESH_CONNECT  => 1,
            CURLOPT_URL            => $endpoint,
        );

        $ch = curl_init($endpoint);

        $opts = $default_opts + $additional_opts;

        curl_setopt_array($ch, $opts);

        $response = json_decode(curl_exec($ch));

        curl_close($ch);

        return $response;
    }

    public function log($data) {
        if ($this->config->get('pp_login_debug')) {
            $backtrace = debug_backtrace();
            $this->log->write('Log In with PayPal debug (' . $backtrace[1]['class'] . '::' . $backtrace[1]['function'] . ') - ' . $data);
        }
    }
}


-2016-06-05
LIVE API CREDENTIALS

OK, we deleted the old set of credentials, and created a completely new set.



We then got the above redirect URL error. We have had this many times in the past, but I left it over night to give it the 3 hours, but no change in the morning.

So I deleted the URL and entered the same one, and this error vanished. This moved us back to the same old error:
Relying Party Validation error: scope in the request does not match any of the registered clients. Please check the request. Well, same as alwaysRelying Party Validation error: scope in the request does not match any of the registered clients. Please check the request. Well, same as alwaysRelying Party Validation error: scope in the request does not match any of the registered clients. Please check the request. Well, same as alwaysRelying Party Validation error: scope in the request does not match any of the registered clients. Please check the request.

Going around in circles. :-)