UPS has recently updated its API security model to OAuth 2.0 to enhance overall security, reduce fraud, and provide improved API capabilities. This update requires migrating from the legacy SOAP API to the RESTful API, which supports OAuth 2.0 authentication protocols.
Impact on Adobe Commerce Integration
This change affects the current UPS shipping method integration in Adobe Commerce. As a , Adobe Commerce merchants must update their integration to continue transacting with UPS services.
Adobe Commerce Hotfix and Patches
To address this issue, Adobe has released a hotfix for Adobe Commerce versions 2.4.4, 2.4.5, and 2.4.6. This hotfix enables merchants to migrate to the latest UPS REST APIs. The issue will be fully resolved in Adobe Commerce/Magento Open Source version 2.4.7, with the fix included in the 2.4.7-beta 2 release scheduled for October 2023.
Patches for Adobe Commerce/Magento Open Source:
- Versions 2.4.4+, 2.4.5+, and 2.4.6+: Apply the corresponding patch provided by Adobe to update the UPS integration.
- Older Versions (2.2.x): Adobe has not released patches for these versions. Therefore, custom modifications are required.
Custom Fix for Magento 2.2.x
For Magento 2.2.x versions, which do not have the Magento\Framework\HTTP\AsyncClientInterface for API requests, a custom fix is necessary. The updates involve using Magento\Framework\HTTP\ZendClientFactory and modifying key files within the module.
Modified Files:module-ups/Model/Carrier.php: Updated to handle new RESTful API requests and OAuth 2.0 authentication.
- module-ups/etc/adminhtml/system.xml: Adjusted configuration settings to support the updated integration.
- module-ups/Model/UpsAuth.php: Implemented OAuth 2.0 authentication logic.
- module-ups/view/adminhtml/templates/system/shipping/carrier_config.phtml: Updated admin configuration template to reflect new settings.
Steps to Implement the Custom Fix
- Update Carrier Model:Modify module-ups/Model/Carrier.php to use Magento\Framework\HTTP\ZendClientFactory for making API requests to the UPS RESTful API. Implement OAuth 2.0 authentication within the model.
- Adjust System Configuration:Modify module-ups/etc/adminhtml/system.xml to include necessary configuration fields for OAuth 2.0 credentials and other relevant settings.
- Implement OAuth 2.0 Authentication:Update module-ups/Model/UpsAuth.php to handle the OAuth 2.0 token generation and management. Ensure the token is used for authenticating API requests.
- Update Admin Configuration Template:Modify module-ups/view/adminhtml/templates/system/shipping/carrier_config.phtml to provide an interface for entering OAuth 2.0 credentials and other required configurations.
Conclusion
By implementing these changes, Adobe Commerce merchants using versions 2.4.4+, 2.4.5+, and 2.4.6+ can seamlessly transition to the new UPS RESTful APIs with OAuth 2.0 authentication. Merchants using older versions, such as Magento 2.2.x, can apply the custom fixes outlined above to ensure continued compatibility with UPS services.
For detailed guidance on applying the hotfix or custom modifications, refer to Adobe’s official documentation and support resources.