Merge pull request #681 from GDATASoftwareAG/php/http_api_authenticator_proposal

Refators the Authenntication stuff

Author: lennartdohmann

php/src/vaas/Authentication/ClientCredentialsGrantAuthenticator.php

@@ -4,7 +4,6 @@
 
 use Amp\Cancellation;
 use Amp\Http\Client\HttpClient;
-use VaasSdk\Options\AuthenticationOptions;
 
 class ClientCredentialsGrantAuthenticator implements AuthenticatorInterface
 {
@@ -17,15 +16,9 @@ class ClientCredentialsGrantAuthenticator implements AuthenticatorInterface
      * @param string|null $tokenUrl The optional token url. Defaults to 'https://account.gdata.de/realms/vaas-production/protocol/openid-connect/token'
      * @param HttpClient|null $httpClient Your optional custom http client.
      */
-    public function __construct(string $clientId, string $clientSecret, ?string $tokenUrl = null, ?HttpClient $httpClient = null)
+    public function __construct(public string $clientId, public string $clientSecret, ?string $tokenUrl = null, ?HttpClient $httpClient = null)
     {
-        $options = new AuthenticationOptions(
-            grantType: GrantType::CLIENT_CREDENTIALS,
-            clientId: $clientId,
-            tokenUrl: $tokenUrl ?? 'https://account.gdata.de/realms/vaas-production/protocol/openid-connect/token',
-            clientSecret: $clientSecret
-        );
-        $this->tokenReceiver = new TokenReceiver($options, $httpClient);
+        $this->tokenReceiver = new TokenReceiver($this, $tokenUrl, $httpClient);
     }
 
     /**

php/src/vaas/Authentication/ResourceOwnerPasswordGrantAuthenticator.php

@@ -4,7 +4,6 @@
 
 use Amp\Cancellation;
 use Amp\Http\Client\HttpClient;
-use VaasSdk\Options\AuthenticationOptions;
 
 class ResourceOwnerPasswordGrantAuthenticator implements AuthenticatorInterface
 {
@@ -19,16 +18,9 @@ class ResourceOwnerPasswordGrantAuthenticator implements AuthenticatorInterface
      * @param string|null $tokenUrl The optional token url. Defaults to 'https://account.gdata.de/realms/vaas-production/protocol/openid-connect/token'
      * @param HttpClient|null $httpClient Your optional custom http client.
      */
-    public function __construct(string $clientId, string $userName, string $password, ?string $tokenUrl = null, ?HttpClient $httpClient = null)
+    public function __construct(public string $clientId, public string $userName, public string $password, ?string $tokenUrl = null, ?HttpClient $httpClient = null)
     {
-        $options = new AuthenticationOptions(
-            grantType: GrantType::PASSWORD,
-            clientId: $clientId,
-            tokenUrl: $tokenUrl ?? 'https://account.gdata.de/realms/vaas-production/protocol/openid-connect/token',
-            userName: $userName,
-            password: $password
-        );
-        $this->tokenReceiver = new TokenReceiver($options, $httpClient);
+        $this->tokenReceiver = new TokenReceiver($this, $tokenUrl, $httpClient);
     }
 
     /**

php/src/vaas/Authentication/TokenReceiver.php

@@ -12,22 +12,22 @@
 use Exception;
 use InvalidArgumentException;
 use VaasSdk\Exceptions\VaasAuthenticationException;
-use VaasSdk\Options\AuthenticationOptions;
 use function Amp\async;
 use function Amp\delay;
 
 class TokenReceiver
 {
-    private HttpClient $httpClient;
-    private AuthenticationOptions $authenticationOptions;
     private Mutex $mutex;
     private ?TokenResponse $lastTokenResponse = null;
     private int $validTo = 0;
     private ?int $lastRequestTime = null;
 
-    public function __construct(AuthenticationOptions $options, ?HttpClient $httpClient = null)
+    public function __construct(
+        public AuthenticatorInterface $authenticator,
+        public ?string $tokenUrl = null,
+        public ?HttpClient $httpClient = null)
     {
-        $this->authenticationOptions = $options;
+        $this->tokenUrl = $tokenUrl ?? 'https://account.gdata.de/realms/vaas-production/protocol/openid-connect/token';
         $this->httpClient = $httpClient ?? HttpClientBuilder::buildDefault();
         $this->mutex = new LocalMutex();
     }
@@ -81,7 +81,7 @@ private function requestTokenAsync(?Cancellation $cancellation = null): Future
     {
         return async(function () use ($cancellation) {
             $form = $this->tokenRequestToForm();
-            $request = new Request($this->authenticationOptions->tokenUrl, 'POST');
+            $request = new Request($this->tokenUrl, 'POST');
             $request->setBody($form);
             $request->setHeader('Content-Type', 'application/x-www-form-urlencoded');
 
@@ -118,19 +118,20 @@ private function requestTokenAsync(?Cancellation $cancellation = null): Future
      */
     private function tokenRequestToForm(): string
     {
-        if ($this->authenticationOptions->grantType == GrantType::CLIENT_CREDENTIALS) {
-            return http_build_query([
-                'client_id' => $this->authenticationOptions->clientId,
-                'client_secret' => $this->authenticationOptions->clientSecret ?? throw new InvalidArgumentException(),
+        return match (true) 
+        {
+            $this->authenticator instanceof ClientCredentialsGrantAuthenticator =>  http_build_query([
+                'client_id' => $this->authenticator->clientId,
+                'client_secret' => $this->authenticator->clientSecret,
                 'grant_type' => 'client_credentials',
-            ]);
-        }
-
-        return http_build_query([
-            'client_id' => $this->authenticationOptions->clientId,
-            'username' => $this->authenticationOptions->userName ?? throw new InvalidArgumentException(),
-            'password' => $this->authenticationOptions->password ?? throw new InvalidArgumentException(),
+            ]),
+            $this->authenticator instanceof ResourceOwnerPasswordGrantAuthenticator =>  http_build_query([
+                'client_id' => $this->authenticator->clientId,
+                'username' => $this->authenticator->userName,
+                'password' => $this->authenticator->password,
             'grant_type' => 'password',
-        ]);
+            ]),
+            default => throw new InvalidArgumentException("Unknown authenticator type")
+        };
     }
 }