[VUFIND-1755] Allow FOLIO token sharing between sessions. (vufind-org#4244)

Author: demiankatz

config/vufind/Folio.ini

@@ -24,6 +24,13 @@ debug_get_requests = false
 ; more secure /auth/login-with-expiry method introduced in the Poppy release.
 legacy_authentication = true
 
+; If set to true (the default), the driver will cache API tokens so that all end
+; users share the same active token, to reduce the number of tokens generated in
+; FOLIO's database. If set to false, each user session will generate its own
+; distinct token. Note that this setting will be automatically disabled if the
+; use_user_token setting below is set to true, as the options are incompatible.
+global_token_cache = true
+
 [IDs]
 ; Which FOLIO ID is VuFind using as its internal bibliographic ID?
 ; Options:

module/VuFind/src/VuFind/ILS/Driver/Folio.php

@@ -351,6 +351,19 @@ protected function checkTenantTokenExpired()
             || strtotime('now') >= strtotime($this->tokenExpiration);
     }
 
+    /**
+     * Should we use a global cache for FOLIO API tokens?
+     *
+     * @return bool
+     */
+    protected function useGlobalTokenCache(): bool
+    {
+        // If we're configured to store user-specific tokens, we can't use the global
+        // token cache.
+        $useUserToken = $this->config['User']['use_user_token'] ?? false;
+        return !$useUserToken && ($this->config['API']['global_token_cache'] ?? true);
+    }
+
     /**
      * Initialize the driver.
      *
@@ -362,11 +375,19 @@ public function init()
     {
         $factory = $this->sessionFactory;
         $this->sessionCache = $factory($this->tenant);
+        $cacheType = 'session';
+        if ($this->useGlobalTokenCache()) {
+            $globalTokenData = (array)($this->getCachedData('token') ?? []);
+            if (count($globalTokenData) === 2) {
+                $cacheType = 'global';
+                [$this->sessionCache->folio_token, $this->sessionCache->folio_token_expiration] = $globalTokenData;
+            }
+        }
         if ($this->sessionCache->folio_token ?? false) {
             $this->token = $this->sessionCache->folio_token;
             $this->tokenExpiration = $this->sessionCache->folio_token_expiration ?? null;
             $this->debug(
-                'Token taken from cache: ' . substr($this->token, 0, 30) . '...'
+                'Token taken from ' . $cacheType . ' cache: ' . substr($this->token, 0, 30) . '...'
             );
         }
         if ($this->token == null) {
@@ -1205,13 +1226,19 @@ protected function setTokenValuesFromResponse(Response $response)
         if ($this->useLegacyAuthentication()) {
             $this->token = $response->getHeaders()->get('X-Okapi-Token')->getFieldValue();
             $this->tokenExpiration = gmdate('D, d-M-Y H:i:s T', strtotime('now'));
+            $tokenCacheLifetime = 600; // cache old-fashioned tokens for 10 minutes
         } elseif ($cookie = $this->getCookieByName($response, 'folioAccessToken')) {
             $this->token = $cookie->getValue();
             $this->tokenExpiration = $cookie->getExpires();
+            // cache RTR tokens using their known lifetime:
+            $tokenCacheLifetime = strtotime($this->tokenExpiration) - strtotime('now');
         }
         if ($this->token != null && $this->tokenExpiration != null) {
             $this->sessionCache->folio_token = $this->token;
             $this->sessionCache->folio_token_expiration = $this->tokenExpiration;
+            if ($this->useGlobalTokenCache()) {
+                $this->putCachedData('token', [$this->token, $this->tokenExpiration], $tokenCacheLifetime);
+            }
         } else {
             throw new \Exception('Could not find token data in response');
         }