Fix lint

modules/ppcp-api-client/services.php

@@ -9,6 +9,7 @@ declare(strict_types=1);
 
 namespace WooCommerce\PayPalCommerce\ApiClient;
 
+use WooCommerce\PayPalCommerce\ApiClient\Authentication\SdkClientToken;
 use WooCommerce\PayPalCommerce\ApiClient\Authentication\UserIdToken;
 use WooCommerce\PayPalCommerce\ApiClient\Endpoint\PaymentMethodTokensEndpoint;
 use WooCommerce\PayPalCommerce\ApiClient\Endpoint\PaymentTokensEndpoint;
@@ -1633,4 +1634,11 @@ return array(
 			$container->get( 'woocommerce.logger.woocommerce' )
 		);
 	},
+	'api.sdk-client-token'                           => static function( ContainerInterface $container ): SdkClientToken {
+		return new SdkClientToken(
+			$container->get( 'api.host' ),
+			$container->get( 'api.bearer' ),
+			$container->get( 'woocommerce.logger.woocommerce' )
+		);
+	},
 );

modules/ppcp-api-client/src/Authentication/SdkClientToken.php

@@ -0,0 +1,106 @@
+<?php
+/**
+ * Generates user ID token for payer.
+ *
+ * @package WooCommerce\PayPalCommerce\ApiClient\Authentication
+ */
+
+namespace WooCommerce\PayPalCommerce\ApiClient\Authentication;
+
+use Psr\Log\LoggerInterface;
+use WooCommerce\PayPalCommerce\ApiClient\Endpoint\RequestTrait;
+use WooCommerce\PayPalCommerce\ApiClient\Exception\PayPalApiException;
+use WooCommerce\PayPalCommerce\ApiClient\Exception\RuntimeException;
+use WooCommerce\PayPalCommerce\PPCP;
+use WP_Error;
+
+/**
+ * Class SdkClientToken
+ */
+class SdkClientToken {
+
+	use RequestTrait;
+
+	/**
+	 * The host.
+	 *
+	 * @var string
+	 */
+	private $host;
+
+	/**
+	 * The bearer.
+	 *
+	 * @var Bearer
+	 */
+	private $bearer;
+
+	/**
+	 * The logger.
+	 *
+	 * @var LoggerInterface
+	 */
+	private $logger;
+
+	/**
+	 * SdkClientToken constructor.
+	 *
+	 * @param string          $host The host.
+	 * @param Bearer          $bearer The bearer.
+	 * @param LoggerInterface $logger The logger.
+	 */
+	public function __construct(
+		string $host,
+		Bearer $bearer,
+		LoggerInterface $logger
+	) {
+		$this->host   = $host;
+		$this->bearer = $bearer;
+		$this->logger = $logger;
+	}
+
+	/**
+	 * Returns `sdk_client_token` which uniquely identifies the payer.
+	 *
+	 * @param string $target_customer_id Vaulted customer id.
+	 *
+	 * @return string
+	 *
+	 * @throws PayPalApiException If the request fails.
+	 * @throws RuntimeException If something unexpected happens.
+	 */
+	public function sdk_client_token( string $target_customer_id = '' ): string {
+		$bearer = $this->bearer->bearer();
+
+		$url = trailingslashit( $this->host ) . 'v1/oauth2/token?grant_type=client_credentials&response_type=client_token&intent=sdk_init';
+		if ( $target_customer_id ) {
+			$url = add_query_arg(
+				array(
+					'target_customer_id' => $target_customer_id,
+				),
+				$url
+			);
+		}
+
+		$args = array(
+			'method'  => 'POST',
+			'headers' => array(
+				'Authorization' => 'Bearer ' . $bearer->token(),
+				'Content-Type'  => 'application/x-www-form-urlencoded',
+			),
+		);
+
+		$response = $this->request( $url, $args );
+		if ( $response instanceof WP_Error ) {
+			throw new RuntimeException( $response->get_error_message() );
+		}
+
+		$json        = json_decode( $response['body'] );
+		$status_code = (int) wp_remote_retrieve_response_code( $response );
+		if ( 200 !== $status_code ) {
+			throw new PayPalApiException( $json, $status_code );
+		}
+
+		return $json->access_token;
+	}
+}

modules/ppcp-api-client/src/Authentication/UserIdToken.php

@@ -72,7 +72,7 @@ class UserIdToken {
 	public function id_token( string $target_customer_id = '' ): string {
 		$bearer = $this->bearer->bearer();
 
-		$url = trailingslashit( $this->host ) . 'v1/oauth2/token?grant_type=client_credentials&response_type=client_token&intent=sdk_init';
+		$url = trailingslashit( $this->host ) . 'v1/oauth2/token?grant_type=client_credentials&response_type=id_token';
 		if ( $target_customer_id ) {
 			$url = add_query_arg(
 				array(
@@ -101,6 +101,6 @@ class UserIdToken {
 			throw new PayPalApiException( $json, $status_code );
 		}
 
-		return $json->access_token;
+		return $json->id_token;
 	}
 }

modules/ppcp-axo/src/AxoModule.php

@@ -9,6 +9,11 @@ declare(strict_types=1);
 
 namespace WooCommerce\PayPalCommerce\Axo;
 
+use Psr\Log\LoggerInterface;
+use WooCommerce\PayPalCommerce\ApiClient\Authentication\SdkClientToken;
+use WooCommerce\PayPalCommerce\ApiClient\Authentication\UserIdToken;
+use WooCommerce\PayPalCommerce\ApiClient\Exception\PayPalApiException;
+use WooCommerce\PayPalCommerce\ApiClient\Exception\RuntimeException;
 use WooCommerce\PayPalCommerce\Axo\Assets\AxoManager;
 use WooCommerce\PayPalCommerce\Button\Assets\SmartButtonInterface;
 use WooCommerce\PayPalCommerce\Onboarding\Render\OnboardingOptionsRenderer;
@@ -35,6 +40,8 @@ class AxoModule implements ModuleInterface {
 	 * {@inheritDoc}
 	 */
 	public function run( ContainerInterface $c ): void {
+		$module = $this;
+
 		add_filter(
 			'woocommerce_payment_gateways',
 			/**
@@ -71,34 +78,9 @@ class AxoModule implements ModuleInterface {
 			9
 		);
 
-		add_filter(
-			'ppcp_onboarding_dcc_table_rows',
-			/**
-			 * Param types removed to avoid third-party issues.
-			 *
-			 * @psalm-suppress MissingClosureParamType
-			 */
-			function ( $rows, $renderer ): array {
-				if ( ! is_array( $rows ) ) {
-					return $rows;
-				}
-
-				if ( $renderer instanceof OnboardingOptionsRenderer ) {
-					$rows[] = $renderer->render_table_row(
-						__( 'Fastlane by PayPal', 'woocommerce-paypal-payments' ),
-						__( 'Yes', 'woocommerce-paypal-payments' ),
-						__( 'Help accelerate guest checkout with PayPal\'s autofill solution.', 'woocommerce-paypal-payments' )
-					);
-				}
-				return $rows;
-			},
-			10,
-			2
-		);
-
 		add_action(
 			'init',
-			static function () use ( $c ) {
+			static function () use ( $c, $module ) {
 
 				// Check if the module is applicable, correct country, currency, ... etc.
 				if ( ! $c->get( 'axo.eligible' ) ) {
@@ -150,12 +132,89 @@ class AxoModule implements ModuleInterface {
 					}
 				);
 
+				add_filter(
+					'woocommerce_paypal_payments_localized_script_data',
+					function( array $localized_script_data ) use ( $c, $module ) {
+						$api = $c->get( 'api.sdk-client-token' );
+						assert( $api instanceof SdkClientToken );
+
+						$logger = $c->get( 'woocommerce.logger.woocommerce' );
+						assert( $logger instanceof LoggerInterface );
+
+						return $module->add_sdk_client_token_to_script_data( $api, $logger, $localized_script_data );
+					}
+				);
+
+				add_filter(
+					'ppcp_onboarding_dcc_table_rows',
+					/**
+					 * Param types removed to avoid third-party issues.
+					 *
+					 * @psalm-suppress MissingClosureParamType
+					 */
+					function ( $rows, $renderer ): array {
+						if ( ! is_array( $rows ) ) {
+							return $rows;
+						}
+
+						if ( $renderer instanceof OnboardingOptionsRenderer ) {
+							$rows[] = $renderer->render_table_row(
+								__( 'Fastlane by PayPal', 'woocommerce-paypal-payments' ),
+								__( 'Yes', 'woocommerce-paypal-payments' ),
+								__( 'Help accelerate guest checkout with PayPal\'s autofill solution.', 'woocommerce-paypal-payments' )
+							);
+						}
+						return $rows;
+					},
+					10,
+					2
+				);
+
 			},
 			1
 		);
 
 	}
 
+	/**
+	 * Adds id token to localized script data.
+	 *
+	 * @param SdkClientToken  $api User id token api.
+	 * @param LoggerInterface $logger The logger.
+	 * @param array           $localized_script_data The localized script data.
+	 * @return array
+	 */
+	private function add_sdk_client_token_to_script_data(
+		SdkClientToken $api,
+		LoggerInterface $logger,
+		array $localized_script_data
+	): array {
+		try {
+			$target_customer_id = '';
+			if ( is_user_logged_in() ) {
+				$target_customer_id = get_user_meta( get_current_user_id(), '_ppcp_target_customer_id', true );
+				if ( ! $target_customer_id ) {
+					$target_customer_id = get_user_meta( get_current_user_id(), 'ppcp_customer_id', true );
+				}
+			}
+
+			$sdk_client_token             = $api->sdk_client_token( $target_customer_id );
+			$localized_script_data['axo'] = array(
+				'sdk_client_token' => $sdk_client_token,
+			);
+
+		} catch ( RuntimeException $exception ) {
+			$error = $exception->getMessage();
+			if ( is_a( $exception, PayPalApiException::class ) ) {
+				$error = $exception->get_details( $error );
+			}
+
+			$logger->error( $error );
+		}
+
+		return $localized_script_data;
+	}
+
 	/**
 	 * Returns the key for the module.
 	 *

modules/ppcp-button/resources/js/modules/Helper/ScriptLoading.js

@@ -72,6 +72,11 @@ export const loadPaypalScript = (config, onLoaded, onError = null) => {
         scriptOptions['data-user-id-token'] = userIdToken;
     }
 
+    const sdkClientToken = config?.axo?.sdk_client_token;
+    if(sdkClientToken) {
+        scriptOptions['data-sdk-client-token'] = sdkClientToken;
+    }
+
     scriptOptions['data-client-metadata-id'] = 'ppcp-cm-id';
 
     // Load PayPal script

modules/ppcp-wc-gateway/src/Settings/SettingsRenderer.php

@@ -385,7 +385,7 @@ $data_rows_html
 			?>
 		<tr valign="top" id="<?php echo esc_attr( 'field-' . $field ); ?>" class="<?php echo esc_attr( implode( ' ', $classes ) ); ?>">
 			<?php if ( 'ppcp-heading' !== $config['type'] && isset( $config['title'] ) ) : ?>
-			<th scope="row" valign="bottom">
+			<th scope="row">
 				<label
 					for="<?php echo esc_attr( $id ); ?>"
 				>

tests/PHPUnit/ApiClient/Authentication/PayPalBearerTest.php

@@ -44,7 +44,7 @@ class PayPalBearerTest extends TestCase
         expect('wp_remote_get')
             ->andReturnUsing(
                 function ($url, $args) use ($json, $key, $secret, $host, $headers) {
-                    if ($url !== $host . '/v1/oauth2/token?grant_type=client_credentials') {
+                    if ($url !== $host . '/v1/oauth2/token?grant_type=client_credentials&intent=sdk_init') {
                         return false;
                     }
                     if ($args['method'] !== 'POST') {
@@ -99,7 +99,7 @@ class PayPalBearerTest extends TestCase
         expect('wp_remote_get')
             ->andReturnUsing(
                 function ($url, $args) use ($json, $key, $secret, $host, $headers) {
-                    if ($url !== $host . '/v1/oauth2/token?grant_type=client_credentials') {
+                    if ($url !== $host . '/v1/oauth2/token?grant_type=client_credentials&intent=sdk_init') {
                         return false;
                     }
                     if ($args['method'] !== 'POST') {
@@ -175,7 +175,7 @@ class PayPalBearerTest extends TestCase
         expect('wp_remote_get')
             ->andReturnUsing(
                 function ($url, $args) use ($json, $key, $secret, $host, $headers) {
-                    if ($url !== $host . '/v1/oauth2/token?grant_type=client_credentials') {
+                    if ($url !== $host . '/v1/oauth2/token?grant_type=client_credentials&intent=sdk_init') {
                         return false;
                     }
                     if ($args['method'] !== 'POST') {
@@ -225,7 +225,7 @@ class PayPalBearerTest extends TestCase
         expect('wp_remote_get')
             ->andReturnUsing(
                 function ($url, $args) use ($json, $key, $secret, $host, $headers) {
-                    if ($url !== $host . '/v1/oauth2/token?grant_type=client_credentials') {
+                    if ($url !== $host . '/v1/oauth2/token?grant_type=client_credentials&intent=sdk_init') {
                         return false;
                     }
                     if ($args['method'] !== 'POST') {