From c093d678f8e03b51b380054b061fe17c23483017 Mon Sep 17 00:00:00 2001
From: Bryant Luk <bryant.luk@getbraintree.com>
Date: Mon, 15 Aug 2016 11:00:57 -0500
Subject: [PATCH 1/2] Update OpenID Connect URLs to match docs

- URLs were updated. See
  https://developer.paypal.com/docs/api/auth-headers/#obtain-users-consent
---
 lib/PayPal/Core/PayPalConstants.php         | 4 ++--
 tests/PayPal/Test/Api/OpenIdSessionTest.php | 6 +++---
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/lib/PayPal/Core/PayPalConstants.php b/lib/PayPal/Core/PayPalConstants.php
index a85c56c..3796aee 100644
--- a/lib/PayPal/Core/PayPalConstants.php
+++ b/lib/PayPal/Core/PayPalConstants.php
@@ -20,8 +20,8 @@ class PayPalConstants
     const APPROVAL_URL = 'approval_url';
 
     const REST_SANDBOX_ENDPOINT = "https://api.sandbox.paypal.com/";
-    const OPENID_REDIRECT_SANDBOX_URL = "https://www.sandbox.paypal.com/webapps/auth/protocol/openidconnect";
+    const OPENID_REDIRECT_SANDBOX_URL = "https://www.sandbox.paypal.com/signin";
 
     const REST_LIVE_ENDPOINT = "https://api.paypal.com/";
-    const OPENID_REDIRECT_LIVE_URL = "https://www.paypal.com/webapps/auth/protocol/openidconnect";
+    const OPENID_REDIRECT_LIVE_URL = "https://www.paypal.com/signin";
 }
diff --git a/tests/PayPal/Test/Api/OpenIdSessionTest.php b/tests/PayPal/Test/Api/OpenIdSessionTest.php
index ee209f9..3a40b59 100644
--- a/tests/PayPal/Test/Api/OpenIdSessionTest.php
+++ b/tests/PayPal/Test/Api/OpenIdSessionTest.php
@@ -49,7 +49,7 @@ class OpenIdSessionTest extends \PHPUnit_Framework_TestCase
         $redirectUri = 'https://devtools-paypal.com/';
         $scope = array('this', 'that', 'and more');
 
-        $expectedBaseUrl = "https://www.paypal.com/webapps/auth/protocol/openidconnect/v1/authorize";
+        $expectedBaseUrl = "https://www.paypal.com/signin/authorize";
 
         $this->assertEquals($expectedBaseUrl . "?client_id=$clientId&response_type=code&scope=this+that+and+more+openid&redirect_uri=" . urlencode($redirectUri),
             OpenIdSession::getAuthorizationUrl($redirectUri, $scope, $clientId), "Failed case - custom scope");
@@ -73,7 +73,7 @@ class OpenIdSessionTest extends \PHPUnit_Framework_TestCase
         $redirectUri = 'http://mywebsite.com';
         $scope = array('this', 'that', 'and more');
 
-        $expectedBaseUrl = "https://www.paypal.com/webapps/auth/protocol/openidconnect/v1/authorize";
+        $expectedBaseUrl = "https://www.paypal.com/signin/authorize";
 
         $this->assertEquals($expectedBaseUrl . "?client_id=DummyId&response_type=code&scope=this+that+and+more+openid&redirect_uri=" . urlencode($redirectUri),
             OpenIdSession::getAuthorizationUrl($redirectUri, $scope, "DummyId", null, null, $this->context), "Failed case - custom config");
@@ -88,7 +88,7 @@ class OpenIdSessionTest extends \PHPUnit_Framework_TestCase
         $redirectUri = 'http://mywebsite.com';
         $idToken = 'abc';
 
-        $expectedBaseUrl = "https://www.paypal.com/webapps/auth/protocol/openidconnect/v1/endsession";
+        $expectedBaseUrl = "https://www.paypal.com/signin/endsession";
 
         $this->assertEquals($expectedBaseUrl . "?id_token=$idToken&redirect_uri=" . urlencode($redirectUri) . "&logout=true",
             OpenIdSession::getLogoutUrl($redirectUri, $idToken, $this->context), "Failed case - custom config");

From dcec4f8c8e76581947536748468eb18e008596b2 Mon Sep 17 00:00:00 2001
From: Jay Patel <japatel@paypal.com>
Date: Mon, 15 Aug 2016 11:10:06 -0500
Subject: [PATCH 2/2] Removed v1 from openIdConnect url

---
 lib/PayPal/Api/OpenIdSession.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/PayPal/Api/OpenIdSession.php b/lib/PayPal/Api/OpenIdSession.php
index 088026d..30e27d8 100644
--- a/lib/PayPal/Api/OpenIdSession.php
+++ b/lib/PayPal/Api/OpenIdSession.php
@@ -53,7 +53,7 @@ class OpenIdSession
         if ($state) {
             $params['state'] = $state;
         }
-        return sprintf("%s/v1/authorize?%s", self::getBaseUrl($config), http_build_query($params));
+        return sprintf("%s/authorize?%s", self::getBaseUrl($config), http_build_query($params));
     }
 
 
@@ -80,7 +80,7 @@ class OpenIdSession
             'redirect_uri' => $redirectUri,
             'logout' => 'true'
         );
-        return sprintf("%s/v1/endsession?%s", self::getBaseUrl($config), http_build_query($params));
+        return sprintf("%s/endsession?%s", self::getBaseUrl($config), http_build_query($params));
     }
 
     /**