lulacanci/oauth2-walmart 问题修复 & 功能扩展

解决BUG、新增功能、兼容多环境部署,快速响应你的开发需求

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

lulacanci/oauth2-walmart

Composer 安装命令:

composer require lulacanci/oauth2-walmart

包简介

Walmart Marketplace OAuth2 Client Provider for The PHP League OAuth2-Client

README 文档

README

License Latest Stable Version

This package provides Walmart Marketplace OAuth 2.0 support for the PHP League's OAuth 2.0 Client.

This package is compliant with PSR-1, PSR-2 and PSR-4. If you notice compliance oversights, please send a patch via pull request.

Features

  • Client Credentials Grant - For sellers accessing their own Walmart Marketplace account
  • Authorization Code Grant - For solution providers acting on behalf of sellers
  • Refresh Token Grant - Automatically refresh expired access tokens
  • Multi-Marketplace Support - US, Canada, and Mexico marketplaces

Requirements

To use this package, you will need a Walmart client ID and client secret. These are referred to as {walmart-client-id} and {walmart-client-secret} in the documentation.

For Sellers

Follow the Get started as a seller guide to create your API credentials.

For Solution Providers

Follow the Get started as a Solution Provider guide to register your application.

Installation

To install, use composer:

composer require lulacanci/oauth2-walmart

Usage

Option 1: Client Credentials Grant (Sellers)

Use this when your application is accessing your own Walmart seller account only.

require __DIR__ . '/vendor/autoload.php';

use Lulacanci\OAuth2\Client\Provider\Walmart;
use Lulacanci\OAuth2\Client\Provider\WalmartMarketplace;

$provider = new Walmart(
    [
        'clientId'     => '{walmart-client-id}',
        'clientSecret' => '{walmart-client-secret}',
    ],
    [],
    WalmartMarketplace::US // or CANADA, MEXICO
);

// Get access token using client credentials
$token = $provider->getAccessTokenWithClientCredentials();

echo 'Access Token: ' . $token->getToken() . "\n";
echo 'Expires in: ' . $token->getExpires() . " seconds\n";

// Use the token with Walmart APIs
// Include it in the WM_SEC.ACCESS_TOKEN header

Option 2: Authorization Code Grant (Solution Providers)

Use this when your application acts on behalf of other sellers. The seller must authorize your app first.

require __DIR__ . '/vendor/autoload.php';

use Lulacanci\OAuth2\Client\Provider\Walmart;
use Lulacanci\OAuth2\Client\Provider\WalmartMarketplace;

session_start();

$clientId = '{walmart-client-id}';
$clientSecret = '{walmart-client-secret}';
$redirectUri = 'https://example.com/callback-url';

$provider = new Walmart(
    [
        'clientId'     => $clientId,
        'clientSecret' => $clientSecret,
        'redirectUri'  => $redirectUri,
    ],
    [],
    WalmartMarketplace::US
);

if (empty($_GET['code'])) {
    // Step 1: Redirect to Walmart authorization URL
    // The seller will be prompted to log in and authorize your app
    
    $authorizationUrl = $provider->getAuthorizationUrl();
    $_SESSION['oauth2state'] = $provider->getState();
    
    header('Location: ' . $authorizationUrl);
    exit;
    
} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
    // State is invalid, possible CSRF attack in progress
    unset($_SESSION['oauth2state']);
    exit('Invalid state');
    
} else {
    // Step 2: Exchange authorization code for access token + refresh token
    
    $token = $provider->getAccessToken('authorization_code', [
        'code' => $_GET['code'],
        'redirect_uri' => $redirectUri,
    ]);

    // Store these tokens securely!
    $accessToken = $token->getToken();           // Valid for 15 minutes
    $refreshToken = $token->getRefreshToken();   // Valid for 1 year
    
    echo 'Access Token: ' . $accessToken . "\n";
    echo 'Refresh Token: ' . $refreshToken . "\n";
}

Option 3: Refresh Token Grant

Access tokens expire after 15 minutes. Use the refresh token to get a new access token without requiring user interaction. Refresh tokens are valid for 1 year.

require __DIR__ . '/vendor/autoload.php';

use Lulacanci\OAuth2\Client\Provider\Walmart;
use Lulacanci\OAuth2\Client\Provider\WalmartMarketplace;

$provider = new Walmart([
        'clientId'     => '{walmart-client-id}',
        'clientSecret' => '{walmart-client-secret}',
        'redirectUri'  => 'https://example.com/callback-url',
    ],
    [],
    WalmartMarketplace::US
);

// Use your stored refresh token
$storedRefreshToken = 'your-stored-refresh-token';

$newToken = $provider->getAccessToken('refresh_token', [
    'refresh_token' => $storedRefreshToken,
]);

$accessToken = $newToken->getToken();
// Store the new access token securely

Multi-Marketplace Support

The package supports all Walmart marketplaces:

use Lulacanci\OAuth2\Client\Provider\WalmartMarketplace;

// US Marketplace (default)
$provider = new Walmart($options, [], WalmartMarketplace::US);
// Sets clientType=seller

// Canada Marketplace
$provider = new Walmart($options, [], WalmartMarketplace::CANADA);
// Sets clientType=seller-ca

// Mexico Marketplace
$provider = new Walmart($options, [], WalmartMarketplace::MEXICO);
// Sets clientType=seller-mx

Using the Access Token with Walmart APIs

Include the access token in the WM_SEC.ACCESS_TOKEN header for all Walmart Marketplace API calls:

$client = new GuzzleHttp\Client();

$response = $client->get('https://marketplace.walmartapis.com/v3/items', [
    'headers' => [
        'WM_SEC.ACCESS_TOKEN' => $token->getToken(),
        'WM_SVC.NAME' => 'Walmart Marketplace',
        'WM_QOS.CORRELATION_ID' => uniqid(),
        'Accept' => 'application/json',
    ],
]);

Scopes

Scopes can be set by using the scope parameter when generating the authorization URL:

$authorizationUrl = $provider->getAuthorizationUrl([
    'scope' => ['items', 'orders', 'inventory'],
]);

See the API scopes documentation for available scopes.

Testing

Tests can be run with:

./vendor/bin/phpunit

Or with the watcher:

composer test

Documentation

Credits

Sponsors

Aureus POS - The Gold Standard Of Bullion & Collectibles Software

License

The MIT License (MIT). Please see License File for more information.

lulacanci/oauth2-walmart 适用场景与选型建议

lulacanci/oauth2-walmart 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 109 次下载、GitHub Stars 达 0, 最近一次更新时间为 2026 年 01 月 22 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「client」 「oauth」 「oauth2」 「marketplace」 「walmart」 「seller」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 lulacanci/oauth2-walmart 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 lulacanci/oauth2-walmart 我们能提供哪些服务?
定制开发 / 二次开发

基于 lulacanci/oauth2-walmart 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 109
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 0
  • 点击次数: 23
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 0
  • Forks: 2
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2026-01-22