Merge pull request #8 from atomx/no-auth-requests

No token for public resources, move login to a TokenStore

Author: mrm

.gitignore

@@ -1,6 +1,5 @@
 .idea/
 vendor/
 atomx.php
-Atomx/MemoryAccountStore.php
 tests/AtomxAccountStore.php
 

Atomx/ApiClient.php

@@ -1,8 +1,10 @@
 <?php namespace Atomx;
 
+use Atomx\Exceptions\ApiException;
 use GuzzleHttp\Client;
 use GuzzleHttp\Exception\RequestException;
 use GuzzleHttp\Message\Response;
+use GuzzleHttp\Stream\StreamInterface;
 
 class ApiClient {
     protected $endpoint;
@@ -20,6 +22,11 @@ function __construct()
         $this->client = new Client(['base_url' => $this->apiBase]);
     }
 
+    public function getClient()
+    {
+        return $this->client;
+    }
+
     public function clearFields()
     {
         $this->fields = [];
@@ -58,6 +65,12 @@ public function post($fields = [])
         return $this->postUrl($this->endpoint, ['json' => $fields]);
     }
 
+    /**
+     * @param $url
+     * @param array $options
+     * @return string|StreamInterface
+     * @throws ApiException
+     */
     public function postUrl($url, $options = [])
     {
         return $this->request('post', $url, $options);
@@ -127,7 +140,6 @@ public function __get($name)
 
     public function fill($fields)
     {
-        // TODO: Merge with the other fields
         $this->fields = $fields;
     }
 

Atomx/ApiException.php

@@ -1,28 +1,39 @@
 <?php namespace Atomx;
 
+use Atomx\Exceptions\ApiException;
 use Exception;
 use GuzzleHttp\Message\Response;
-use GuzzleHttp\Stream\Stream;
 
 class AtomxClient extends ApiClient {
+    const API_BASE = 'https://api.atomx.com/v3/';
     protected $apiBase = null;
     protected $id = null;
+    protected $requiresToken = true;
 
     /**
-     * @var AccountStore Store the token for the application
+     * @var TokenStore Store the token for the application
      */
-    private $accountStore;
-    private $shouldSendToken = true;
+    protected $accountStore = null;
 
-    function __construct(AccountStore $accountStore, $idOrFields = null)
+    /**
+     * AtomxClient constructor.
+     * @param TokenStore|null $accountStore
+     * @param int|array $idOrFields
+     * @param string $apiBase
+     */
+    function __construct($accountStore = null, $idOrFields = null)
     {
-        $this->apiBase = $accountStore->getApiBase();
+        if ($accountStore) {
+            $this->accountStore = $accountStore;
+            $this->apiBase = $accountStore->getApiBase();
+        } else if ($this->requiresToken) {
+            throw new \InvalidArgumentException("{$this->endpoint} endpoint requires an AccountStore for the token");
+        } else {
+            $this->apiBase = AtomxClient::API_BASE;
+        }
 
         parent::__construct();
 
-        $this->accountStore = $accountStore;
-
-
         if (is_array($idOrFields))
             $this->fields = $idOrFields;
         else if (is_numeric($idOrFields))
@@ -48,62 +59,33 @@ public function setId($id)
 
     protected function handleResponse(Response $response)
     {
-        // TODO: Handle an invalid token/not logged in message
-        return json_decode(parent::handleResponse($response), true);
-    }
-
-    protected function getDefaultOptions()
-    {
-        $options = parent::getDefaultOptions();
-
-        if ($this->shouldSendToken)
-            $options['headers'] = ['Authorization' => $this->getToken()];
-
-        return $options;
-    }
+        $code = $response->getStatusCode();
 
-    public function login()
-    {
-        $this->shouldSendToken = false;
-
-        try {
-            $response = $this->postUrl('login', [
-                'json' => [
-                    'email'    => $this->accountStore->getUsername(),
-                    'password' => $this->accountStore->getPassword()
-                ]
-            ]);
-        } catch (ApiException $e) {
-            throw new ApiException('Unable to login to API!');
+        if ($code == 200) {
+            return json_decode($response->getBody()->getContents(), true);
         }
 
-        if ($response instanceof Stream) {
-            $response = json_decode($response->getContents(), true);
+        if ($code == 401 && $this->requiresToken) {
+            // Unauthorized, invalidate token
+            $this->accountStore->storeToken(null);
         }
 
-        $this->shouldSendToken = true;
-
-        if ($response['success'] !== true)
-            throw new ApiException('Unable to login to API!');
-
+        throw new ApiException('Request failed, received the following status: ' .
+            $response->getStatusCode() . ' Body: ' . $response->getBody()->getContents());
+    }
 
-        $token = 'Bearer ' . $response['auth_token'];
+    protected function getDefaultOptions()
+    {
+        $options = parent::getDefaultOptions();
 
-        $this->accountStore->storeToken($token);
+        if ($this->requiresToken)
+            $options['headers'] = ['Authorization' => 'Bearer ' . $this->getToken()];
 
-        return $response['user'];
+        return $options;
     }
 
     private function getToken()
     {
-        $token = $this->accountStore->getToken();
-
-        if ($token !== null) {
-            return $token;
-        }
-
-        $this->login();
-
         return $this->accountStore->getToken();
     }
 

Atomx/AtomxClient.php

@@ -0,0 +1,5 @@
+<?php namespace Atomx\Exceptions;
+
+use Exception;
+
+class ApiException extends Exception { }

Atomx/Exceptions/ApiException.php

@@ -0,0 +1,15 @@
+<?php namespace Atomx\Exceptions;
+
+class TotpRequiredException extends ApiException {
+    protected $response = null;
+
+    public function __construct($response)
+    {
+        $this->response = $response;
+    }
+
+    public function getResponse()
+    {
+        return $this->response;
+    }
+}

Atomx/Exceptions/TotpRequiredException.php

@@ -0,0 +1,94 @@
+<?php namespace Atomx;
+
+use Atomx\Exceptions\TotpRequiredException;
+use Atomx\Resources\Login;
+
+class LoginTokenStore implements TokenStore {
+    protected $token = null;
+    protected $username, $password, $totp, $apiBase;
+
+    /**
+     * @param string|null $username
+     * @param string|null $password
+     * @param string|null $totp
+     * @param string|null $apiBase
+     */
+    public function __construct($username = null, $password = null, $totp = null, $apiBase = null)
+    {
+        $this->username = $username;
+        $this->password = $password;
+        $this->totp = $totp;
+        $this->apiBase = $apiBase;
+
+        if ($this->apiBase == null)
+            $this->apiBase = AtomxClient::API_BASE;
+    }
+
+    /**
+     * @return null|string
+     */
+    public function getToken()
+    {
+        if (is_null($this->token)) {
+            $this->storeToken($this->getTokenFromLogin());
+        }
+
+        return $this->token;
+    }
+
+    protected function getLoginClient()
+    {
+        return new Login($this);
+    }
+
+    protected function getTokenFromLogin()
+    {
+        $response = $this->getLoginClient()->login([
+            'email' => $this->getUsername(),
+            'password' => $this->getPassword(),
+            'totp' => $this->getTotp()
+        ]);
+
+        if ($response['totp_required'])
+            throw new TotpRequiredException($response);
+
+        return $response['auth_token'];
+    }
+
+    /**
+     * @param string|null $token
+     */
+    public function storeToken($token)
+    {
+        $this->token = $token;
+    }
+
+    /**
+     * @return string
+     */
+    public function getUsername()
+    {
+        return $this->username;
+    }
+
+    /**
+     * @return string
+     */
+    public function getPassword()
+    {
+        return $this->password;
+    }
+
+    public function getTotp()
+    {
+        return $this->totp;
+    }
+
+    /**
+     * @return string
+     */
+    public function getApiBase()
+    {
+        return $this->apiBase;
+    }
+}

Atomx/LoginTokenStore.php

@@ -1,6 +1,6 @@
 <?php namespace Atomx;
 
-use Atomx\AccountStore;
+use Atomx\TokenStore;
 use GuzzleHttp\Stream\Stream;
 
 

Atomx/ReportStreamer.php

@@ -5,4 +5,5 @@
 
 class Browsers extends AtomxClient {
     protected $endpoint = 'browsers';
+    protected $requiresToken = false;
 }

Atomx/Resources/Browsers.php

@@ -4,4 +4,5 @@
 
 class CategoryList extends AtomxClient {
     protected $endpoint = 'categories';
+    protected $requiresToken = false;
 }