foxbytehq
diff --git a/‎CHANGELOG.md‎
Lines changed: 39 additions & 1 deletion b/‎CHANGELOG.md‎
Lines changed: 39 additions & 1 deletion
diff --git a/‎README.md‎
Lines changed: 26 additions & 3 deletions b/‎README.md‎
Lines changed: 26 additions & 3 deletions
diff --git a/‎config/config.php‎
Lines changed: 15 additions & 1 deletion b/‎config/config.php‎
Lines changed: 15 additions & 1 deletion
diff --git a/‎src/Oauth2CredentialManagers/CacheStore.php‎
Lines changed: 131 additions & 0 deletions b/‎src/Oauth2CredentialManagers/CacheStore.php‎
Lines changed: 131 additions & 0 deletions
@@ -2,6 +2,44 @@
 
 All notable changes to `laravel-xero-oauth2` will be documented in this file
 
-## 1.0.0 - 201X-XX-XX
+## v2.0.0 Release
+- Make most resolution of credentials a binding instead of a singleton to fix queued jobs #27
+- Switch OauthCredentialProvider to be an interface to allow for custom storage #8
+- Make old OauthCredentialProvider `\Webfox\Xero\Oauth2CredentialManagers\CacheStore`
+- Added new `Webfox\Xero\Oauth2CredentialManagers\FileStore` as default
+- Added ability to skip `route` helper for redirect_uri #10
+
+## v1.3.1 Release
+
+- Fix bug in Webhook.php #25
+
+## v1.3.0 Release
+
+- Remove PHP 7.4 typehint from webhook #17
+- Upgrade to v2 of the Xero API #16 
+
+## v1.2.1 Release
+
+- Specify scope separator in Oauth provider #15
+
+## v1.2.0 Release
+
+- Fix issue of credentials being forgotten #11 #10 #3
+- Updates to the readme
+- Add accounting.settings as a default scope #12
+
+## v 1.1.2
+
+- Added support for Laravel 7
+
+## v1.1.1
+
+- Remove PHP 7.4 features to maintain 7.3 compatibility
+
+## V1.1.0 Release
+
+- Added webhook support
+
+## v1.0.0 Release
 
 - initial release
@@ -51,12 +51,12 @@ namespace App\Http\Controllers;
 
 use Illuminate\Http\Request;
 use App\Http\Controllers\Controller;
-use Webfox\Xero\OauthCredentialManager;
+use Webfox\Xero\CacheStore;
 
 class XeroController extends Controller
 {
 
-    public function index(Request $request, OauthCredentialManager $xeroCredentials)
+    public function index(Request $request, CacheStore $xeroCredentials)
     {
         try {
             // Check if we've got any stored credentials
@@ -122,6 +122,30 @@ class XeroController extends Controller
 Route::get('/manage/xero', [\App\Http\Controllers\XeroController::class, 'index'])->name('xero.auth.success');
 ```
 
+## Credential Storage
+Version 1 of this package stored the credentials in the cache, while this worked for most, some users clear their cache
+on deployment of a new version of their app, this also restricted an app to only one set of credentials per codebase.
+
+Version 2 swaps this out for an interface and provides a default `FileStore` implementation which stores the credentials on
+`/storage/framework/xero.json` you can switch out the credential store (e.g. for your own `UserStore` if you wanted to store 
+the credentials against your user) in one of two ways
+
+1. If it's a simple store and Laravel can automatically resolve your bindings, simply change the `xero.credential_store` config
+key to point to your new implementation.
+2. If it requires more advanced logic (e.g. using the current user to retrieve the credentials) then you can rebind this 
+in your `AppServiceProvider` or a Middleware
+e.g.
+
+```php
+$this->app->bind(OauthCredentialManager::class, function(Application $app) {
+    return new UserStorageProvider(
+        \Auth::user(), // Storage Mechanism 
+        $app->make('session.store'), // Used for storing/retrieving oauth 2 "state" for redirects
+        $app->make(\Webfox\Xero\Oauth2Provider::class) // Used for getting redirect url and refreshing token
+    );
+});
+``` 
+
 ## Using Webhooks
 On your application in the Xero developer portal create a webhook to get your webhook key.
 
@@ -141,7 +165,6 @@ namespace App\Http\Controllers;
 use Webfox\Xero\Webhook;
 use Illuminate\Http\Request;
 use Illuminate\Http\Response;
-use Webfox\Xero\WebhookEvent;
 use XeroApi\XeroPHP\Models\Accounting\Contact;
 use XeroApi\XeroPHP\Models\Accounting\Invoice;
 
 
@@ -1,9 +1,17 @@
 <?php
 
+use Webfox\Xero\Oauth2CredentialManagers\FileStore;
+
 return [
 
     'api_host' => 'https://api.xero.com/api.xro/2.0',
 
+    /************************************************************************
+     * Class used to store credentials.
+     * Must implement OauthCredentialManager Interface
+     ************************************************************************/
+    'credential_store' => FileStore::class,
+
     'oauth' => [
         /************************************************************************
          * Client ID provided by Xero when registering your application
@@ -35,7 +43,7 @@
         /************************************************************************
          * Url to redirect to upon success
          ************************************************************************/
-        'redirect_on_success' => 'xero.auth.success',
+        'redirect_on_success'        => 'xero.auth.success',
 
         /************************************************************************
          * Url for Xero to redirect to upon granting access
@@ -44,6 +52,12 @@
          ************************************************************************/
         'redirect_uri'               => 'xero.auth.callback',
 
+        /************************************************************************
+         * If the 'redirect_uri' is not a route name, but rather a full url set
+         * this to true and we won't wrap it in `route()`
+         ************************************************************************/
+        'redirect_full_url'          => false,
+
         /************************************************************************
          * Urls for Xero's Oauth integration, you shouldn't need to change these
          ************************************************************************/
 
@@ -0,0 +1,131 @@
+<?php
+
+
+namespace Webfox\Xero\Oauth2CredentialManagers;
+
+
+use Illuminate\Session\Store;
+use Illuminate\Cache\Repository;
+use League\OAuth2\Client\Token\AccessTokenInterface;
+use Webfox\Xero\Oauth2Provider;
+use Webfox\Xero\OauthCredentialManager;
+
+class CacheStore implements OauthCredentialManager
+{
+    /** @var Repository  */
+    protected $cache;
+
+    /** @var Oauth2Provider  */
+    protected $oauthProvider;
+
+    /** @var Store */
+    protected $session;
+
+    protected $cacheKey = 'xero_oauth';
+
+    public function __construct(Repository $cache, Store $session, Oauth2Provider $oauthProvider)
+    {
+        $this->cache         = $cache;
+        $this->oauthProvider = $oauthProvider;
+        $this->session       = $session;
+    }
+
+    public function getAccessToken(): string
+    {
+        return $this->data('token');
+    }
+
+    public function getRefreshToken(): string
+    {
+        return $this->data('refresh_token');
+    }
+
+    public function getTenantId(): string
+    {
+        return $this->data('tenant_id');
+    }
+
+    public function getExpires(): int
+    {
+        return $this->data('expires');
+    }
+
+    public function getState(): string
+    {
+        return $this->session->get($this->cacheKey);
+    }
+
+    public function getAuthorizationUrl(): string
+    {
+        $redirectUrl = $this->oauthProvider->getAuthorizationUrl(['scope' => config('xero.oauth.scopes')]);
+        $this->session->put($this->cacheKey, $this->oauthProvider->getState());
+
+        return $redirectUrl;
+    }
+
+    public function getData(): array
+    {
+        return $this->data();
+    }
+
+    public function exists(): bool
+    {
+        return $this->cache->has($this->cacheKey);
+    }
+
+    public function isExpired(): bool
+    {
+        return time() >= $this->data('expires');
+    }
+
+    public function refresh(): void
+    {
+        $newAccessToken = $this->oauthProvider->getAccessToken('refresh_token', [
+            'refresh_token' => $this->getRefreshToken(),
+        ]);
+
+        $this->store($newAccessToken);
+    }
+
+    public function store(AccessTokenInterface $token, string $tenantId = null): void
+    {
+        $this->cache->forever($this->cacheKey, [
+            'token'         => $token->getToken(),
+            'refresh_token' => $token->getRefreshToken(),
+            'id_token'      => $token->getValues()['id_token'],
+            'expires'       => $token->getExpires(),
+            'tenant_id'     => $tenantId ?? $this->getTenantId()
+        ]);
+    }
+
+    public function getUser(): ?array
+    {
+
+        try {
+            $jwt = new \XeroAPI\XeroPHP\JWTClaims();
+            $jwt->setTokenId($this->data('id_token'));
+            $decodedToken = $jwt->decode();
+
+            return [
+                'given_name'  => $decodedToken->getGivenName(),
+                'family_name' => $decodedToken->getFamilyName(),
+                'email'       => $decodedToken->getEmail(),
+                'user_id'     => $decodedToken->getXeroUserId(),
+                'username'    => $decodedToken->getPreferredUsername(),
+                'session_id'  => $decodedToken->getGlobalSessionId()
+            ];
+        } catch (\Throwable $e) {
+            return null;
+        }
+    }
+
+    protected function data($key = null)
+    {
+        if (!$this->exists()) {
+            throw new \Exception('Xero oauth credentials are missing');
+        }
+
+        $cacheData = $this->cache->get($this->cacheKey);
+        return empty($key) ? $cacheData : ($cacheData[$key] ?? null);
+    }
+}