BUGFIX: Make expires an explicit property of Authorization

With that, OAuthClient::removeExpiredAuthorizations is able to
select expired records.

resolves: #9

Author: daniellienert

Classes/Authorization.php

@@ -61,6 +61,12 @@ class Authorization
      */
     protected $scope;
 
+    /**
+     * @var \DateTimeImmutable
+     * @ORM\Column(nullable = true)
+     */
+    protected $expires;
+
     /**
      * @var array
      * @ORM\Column(type="json_array", nullable = true)
@@ -93,7 +99,7 @@ public function __construct(string $serviceName, string $clientId, string $grant
      */
     public static function calculateAuthorizationId(string $serviceName, string $clientId, string $scope, string $grantType): string
     {
-        return sha1($serviceName . $clientId . $scope. $grantType);
+        return sha1($serviceName . $clientId . $scope . $grantType);
     }
 
     /**
@@ -193,4 +199,20 @@ public function getAccessToken(): ?AccessToken
     {
         return !empty($this->serializedAccessToken) ? new AccessToken($this->serializedAccessToken) : null;
     }
+
+    /**
+     * @return \DateTimeImmutable
+     */
+    public function getExpires(): \DateTimeImmutable
+    {
+        return $this->expires;
+    }
+
+    /**
+     * @param \DateTimeImmutable $expires
+     */
+    public function setExpires(\DateTimeImmutable $expires): void
+    {
+        $this->expires = $expires;
+    }
 }

Classes/OAuthClient.php

@@ -18,6 +18,7 @@
 use Neos\Flow\Annotations as Flow;
 use Neos\Flow\Core\Bootstrap;
 use Neos\Flow\Http\HttpRequestHandlerInterface;
+use Neos\Flow\Log\Utility\LogEnvironment;
 use Neos\Flow\Mvc\ActionRequest;
 use Neos\Flow\Mvc\Routing\Exception\MissingActionNameException;
 use Neos\Flow\Mvc\Routing\UriBuilder;
@@ -217,20 +218,21 @@ public function getRequestFactory(): RequestFactory
     public function requestAccessToken(string $serviceName, string $clientId, string $clientSecret, string $scope, string $grantType, array $additionalParameters = []): void
     {
         $authorizationId = Authorization::calculateAuthorizationId($serviceName, $clientId, $scope, $grantType);
-        $this->logger->info(sprintf('OAuth (%s): Retrieving access token using %s grant for client "%s" using a %s bytes long secret. (authorization id: %s)', $this->getServiceType(), $grantType, $clientId, strlen($clientSecret), $authorizationId));
+        $this->logger->info(sprintf('OAuth (%s): Retrieving access token using %s grant for client "%s" using a %s bytes long secret. (authorization id: %s)', $this->getServiceType(), $grantType, $clientId, strlen($clientSecret), $authorizationId), LogEnvironment::fromMethodName(__METHOD__));
 
         $existingAuthorization = $this->getAuthorization($authorizationId);
         if ($existingAuthorization !== null) {
             $this->entityManager->remove($existingAuthorization);
             $this->entityManager->flush();
 
-            $this->logger->info(sprintf('OAuth (%s): Removed old OAuth token for client "%s". (authorization id: %s)', $this->getServiceType(), $clientId, $authorizationId));
+            $this->logger->info(sprintf('OAuth (%s): Removed old OAuth token for client "%s". (authorization id: %s)', $this->getServiceType(), $clientId, $authorizationId), LogEnvironment::fromMethodName(__METHOD__));
         }
 
         $accessToken = $this->createOAuthProvider($clientId, $clientSecret)->getAccessToken($grantType, $additionalParameters);
+
         $authorization = $this->createNewAuthorization($serviceName, $clientId, $scope, $grantType, $accessToken);
 
-        $this->logger->info(sprintf('OAuth (%s): Persisted new OAuth authorization %s for client "%s" with expiry time %s. (authorization id: %s)', $this->getServiceType(), $authorizationId, $clientId, $accessToken->getExpires(), $authorizationId));
+        $this->logger->info(sprintf('OAuth (%s): Persisted new OAuth authorization %s for client "%s" with expiry time %s. (authorization id: %s)', $this->getServiceType(), $authorizationId, $clientId, $accessToken->getExpires(), $authorizationId), LogEnvironment::fromMethodName(__METHOD__));
 
         $this->entityManager->persist($authorization);
         $this->entityManager->flush();
@@ -249,7 +251,7 @@ public function requestAccessToken(string $serviceName, string $clientId, string
     public function startAuthorization(string $clientId, string $clientSecret, UriInterface $returnToUri, string $scope): UriInterface
     {
         $authorization = new Authorization($this->getServiceType(), $clientId, Authorization::GRANT_AUTHORIZATION_CODE, $scope);
-        $this->logger->info(sprintf('OAuth (%s): Starting authorization %s using client id "%s", a %s bytes long secret and scope "%s".', $this->getServiceType(), $authorization->getAuthorizationId(), $clientId, strlen($clientSecret), $scope));
+        $this->logger->info(sprintf('OAuth (%s): Starting authorization %s using client id "%s", a %s bytes long secret and scope "%s".', $this->getServiceType(), $authorization->getAuthorizationId(), $clientId, strlen($clientSecret), $scope), LogEnvironment::fromMethodName(__METHOD__));
 
         try {
             $oldAuthorization = $this->entityManager->find(Authorization::class, $authorization->getAuthorizationId());
@@ -361,7 +363,7 @@ public function refreshAuthorization(string $authorizationId, string $clientId,
         try {
             $accessToken = $oAuthProvider->getAccessToken('refresh_token', ['refresh_token' => $authorization->refreshToken]);
             $authorization->accessToken = $accessToken->getToken();
-            $authorization->expires = ($accessToken->getExpires() ? \DateTimeImmutable::createFromFormat('U', $accessToken->getExpires()) : null);
+            $authorization->setExpires($accessToken->getExpires() ? \DateTimeImmutable::createFromFormat('U', $accessToken->getExpires()) : null);
 
             $this->logger->debug(sprintf($this->getServiceType() . ': New access token is "%s", refresh token is "%s".', $authorization->accessToken, $authorization->refreshToken));
 

Migrations/Mysql/Version20200716150451.php

@@ -0,0 +1,46 @@
+<?php
+namespace Neos\Flow\Persistence\Doctrine\Migrations;
+
+use Doctrine\Migrations\AbstractMigration;
+use Doctrine\DBAL\Schema\Schema;
+use Doctrine\DBAL\Migrations\AbortMigrationException;
+
+/**
+ * Auto-generated Migration: Please modify to your needs! This block will be used as the migration description if getDescription() is not used.
+ */
+class Version20200716150451 extends AbstractMigration
+{
+
+    /**
+     * @return string
+     */
+    public function getDescription(): string
+    {
+        return '';
+    }
+
+    /**
+     * @param Schema $schema
+     * @return void
+     * @throws AbortMigrationException
+     */
+    public function up(Schema $schema): void
+    {
+        // this up() migration is autogenerated, please modify it to your needs
+        $this->abortIf($this->connection->getDatabasePlatform()->getName() !== 'mysql', 'Migration can only be executed safely on "mysql".');
+        $this->addSql('ALTER TABLE flownative_oauth2_client_authorization ADD expires DATETIME DEFAULT NULL COMMENT \'(DC2Type:datetime_immutable)\'');
+    }
+
+    /**
+     * @param Schema $schema
+     * @return void
+     * @throws AbortMigrationException
+     */
+    public function down(Schema $schema): void
+    {
+        // this down() migration is autogenerated, please modify it to your needs
+        $this->abortIf($this->connection->getDatabasePlatform()->getName() !== 'mysql', 'Migration can only be executed safely on "mysql".');
+
+        $this->addSql('ALTER TABLE flownative_oauth2_client_authorization DROP expires');
+    }
+}