magdev/wc-licensed-product-client
1
Fork 0
Code Issues Pull Requests Activity
Files
main
wc-licensed-product-client/README.md
magdev 760e1e752a Add update-check endpoint support (v0.2.1) 
Implement /update-check endpoint aligned with remote OpenAPI spec:
- Add checkForUpdates() method to LicenseClientInterface
- Add UpdateInfo DTO for update check responses
- Add ProductNotFoundException for product_not_found error
- Update local openapi.json to v0.4.0

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-27 20:52:12 +01:00

186 lines
5.2 KiB
Markdown
Raw Permalink Blame History

# WooCommerce Licensed Product Client
A PHP client library for the WooCommerce Licensed Product Plugin REST API. Activate, validate, and check the status of software licenses.
## Requirements
- PHP 8.3 or higher
- Composer
## Installation
```bash
composer require magdev/wc-licensed-product-client
```
## Features
- Object-oriented client library
- **Secure client with response signature verification (HMAC-SHA256)**
- PSR-3 logging support
- PSR-6 caching support
- PSR-18 HTTP client compatible
- License validation against domains
- License activation on domains
- License status checking
- Plugin update checking
- Comprehensive exception handling
- Code integrity verification
- Built on Symfony HttpClient
## Usage
### Basic Usage
```php
use Magdev\WcLicensedProductClient\LicenseClient;
use Symfony\Component\HttpClient\HttpClient;
$httpClient = HttpClient::create();
$client = new LicenseClient(
httpClient: $httpClient,
baseUrl: 'https://your-wordpress-site.com',
);
// Validate a license
$licenseInfo = $client->validate('ABCD-1234-EFGH-5678', 'example.com');
echo "Product ID: " . $licenseInfo->productId;
// Check license status
$status = $client->status('ABCD-1234-EFGH-5678');
echo "Status: " . $status->status->value;
// Activate a license
$result = $client->activate('ABCD-1234-EFGH-5678', 'example.com');
echo "Activated: " . ($result->success ? 'Yes' : 'No');
// Check for updates
$updateInfo = $client->checkForUpdates('ABCD-1234-EFGH-5678', 'example.com', 'my-plugin', '1.0.0');
if ($updateInfo->updateAvailable) {
echo "New version available: " . $updateInfo->version;
}
```
### With Logging
```php
use Magdev\WcLicensedProductClient\LicenseClient;
use Psr\Log\LoggerInterface;
use Symfony\Component\HttpClient\HttpClient;
$client = new LicenseClient(
httpClient: HttpClient::create(),
baseUrl: 'https://your-wordpress-site.com',
logger: $yourPsrLogger, // Any PSR-3 compatible logger
);
```
### With Caching
```php
use Magdev\WcLicensedProductClient\LicenseClient;
use Psr\Cache\CacheItemPoolInterface;
use Symfony\Component\HttpClient\HttpClient;
$client = new LicenseClient(
httpClient: HttpClient::create(),
baseUrl: 'https://your-wordpress-site.com',
cache: $yourPsrCache, // Any PSR-6 compatible cache
cacheTtl: 600, // Cache TTL in seconds (default: 300)
);
```
### Exception Handling
```php
use Magdev\WcLicensedProductClient\Exception\LicenseNotFoundException;
use Magdev\WcLicensedProductClient\Exception\LicenseExpiredException;
use Magdev\WcLicensedProductClient\Exception\DomainMismatchException;
use Magdev\WcLicensedProductClient\Exception\RateLimitExceededException;
use Magdev\WcLicensedProductClient\Exception\LicenseException;
try {
$licenseInfo = $client->validate($licenseKey, $domain);
} catch (LicenseNotFoundException $e) {
// License key does not exist
} catch (LicenseExpiredException $e) {
// License has expired
} catch (DomainMismatchException $e) {
// License is not valid for this domain
} catch (RateLimitExceededException $e) {
// Too many requests, retry after $e->retryAfter seconds
} catch (LicenseException $e) {
// Other license-related errors
}
```
## Secure Client
For enhanced security, use `SecureLicenseClient` which verifies response signatures:
```php
use Magdev\WcLicensedProductClient\SecureLicenseClient;
use Magdev\WcLicensedProductClient\Security\SignatureException;
use Symfony\Component\HttpClient\HttpClient;
$client = new SecureLicenseClient(
httpClient: HttpClient::create(),
baseUrl: 'https://your-wordpress-site.com',
serverSecret: 'shared-secret-with-server', // Must match server configuration
);
try {
$licenseInfo = $client->validate('ABCD-1234-EFGH-5678', 'example.com');
} catch (SignatureException $e) {
// Response signature invalid - possible tampering!
}
```
**Important:** The secure client requires the server to sign responses. See [docs/server-implementation.md](docs/server-implementation.md) for server setup instructions.
### Security Features
- **Response Signatures**: HMAC-SHA256 verification prevents response tampering
- **Timestamp Validation**: Prevents replay attacks (5-minute tolerance)
- **Per-License Keys**: Each license has a unique verification key
- **Code Integrity**: Optional verification of source file integrity
## Documentation
For detailed implementation guides, see:
- [Client Implementation Guide](docs/client-implementation.md) - Complete guide for integrating this client into existing projects
- [Server Implementation Guide](docs/server-implementation.md) - How to set up response signing on the server
## Testing
Run the test suite with PHPUnit:
```bash
./vendor/bin/phpunit
```
## API Endpoints
This client interacts with the following WooCommerce Licensed Product API endpoints:
- **POST /validate** - Validate a license key for a specific domain
- **POST /status** - Get detailed license status information
- **POST /activate** - Activate a license on a domain
- **POST /update-check** - Check for plugin updates
## License
GPL-2.0-or-later
## Author
Marco Graetsch
- Website: <https://src.bundespruefstelle.ch/magdev>
- Email: <magdev3.0@gmail.com>
## Contributing
Issues and pull requests are welcome at <https://src.bundespruefstelle.ch/magdev/wc-licensed-product-client/issues>
Reference in New Issue View Git Blame Copy Permalink