change FileStore to use FilesystemManager with disk configuration (#67)

stevethomas · web-flow · commit 9811badec220 · 2022-03-22T10:41:35.000+13:00
* change FileStore to use FilesystemManager with disk configuration
diff --git a/README.md b/README.md
@@ -127,12 +127,12 @@ Route::get('/manage/xero', [\App\Http\Controllers\XeroController::class, 'index'
 ```
 
 ## Credential Storage
-Version 1 of this package stored the credentials in the cache, while this worked for most, some users clear their cache
-on deployment of a new version of their app, this also restricted an app to only one set of credentials per codebase.
+Credentials are stored in a JSON file using the default disk on the Laravel Filesystem, with visibility set to private. This allows credential sharing across multiple servers using a shared disk such as S3, regardless of which server conducted the OAuth flow.
 
-Version 2 swaps this out for an interface and provides a default `FileStore` implementation which stores the credentials on
-`/storage/framework/xero.json` you can switch out the credential store (e.g. for your own `UserStore` if you wanted to store 
-the credentials against your user) in one of two ways
+To use a different disk, change the `xero.credential_disk` config item to another disk defined in `config/filesystem.php`.
+
+You can switch out the credential store (e.g. for your own `UserStore` if you wanted to store 
+the credentials against your user) in one of two ways:
 
 1. If it's a simple store and Laravel can automatically resolve your bindings, simply change the `xero.credential_store` config
 key to point to your new implementation.
diff --git a/config/config.php b/config/config.php
@@ -12,6 +12,11 @@
      ************************************************************************/
     'credential_store' => FileStore::class,
 
+    /************************************************************************
+     * Disk used to store credentials.
+     ************************************************************************/
+    'credential_disk' => env('XERO_CREDENTIAL_DISK'),
+
     'oauth' => [
         /************************************************************************
          * Client ID provided by Xero when registering your application
diff --git a/src/Oauth2CredentialManagers/FileStore.php b/src/Oauth2CredentialManagers/FileStore.php
@@ -4,16 +4,16 @@
 namespace Webfox\Xero\Oauth2CredentialManagers;
 
 
-use Illuminate\Filesystem\Filesystem;
+use Illuminate\Filesystem\FilesystemManager;
 use Illuminate\Session\Store;
 use League\OAuth2\Client\Token\AccessTokenInterface;
 use Webfox\Xero\Oauth2Provider;
 use Webfox\Xero\OauthCredentialManager;
 
 class FileStore implements OauthCredentialManager
 {
-    /** @var Filesystem  */
-    protected $files;
+    /** @var FilesystemManager  */
+    protected $disk;
 
     /** @var Oauth2Provider  */
     protected $oauthProvider;
@@ -24,12 +24,12 @@ class FileStore implements OauthCredentialManager
     /** @var string */
     protected $filePath;
 
-    public function __construct(Filesystem $files, Store $session, Oauth2Provider $oauthProvider)
+    public function __construct(FilesystemManager $files, Store $session, Oauth2Provider $oauthProvider)
     {
-        $this->files         = $files;
+        $this->disk          = $files->disk(config('xero.credential_disk', config('filesystems.default')));
         $this->oauthProvider = $oauthProvider;
         $this->session       = $session;
-        $this->filePath      = storage_path('framework/xero.json');
+        $this->filePath      = 'xero.json';
     }
 
     public function getAccessToken(): string
@@ -72,7 +72,7 @@ public function getData(): array
 
     public function exists(): bool
     {
-        return $this->files->exists($this->filePath);
+        return $this->disk->exists($this->filePath);
     }
 
     public function isExpired(): bool
@@ -92,14 +92,14 @@ public function refresh(): void
 
     public function store(AccessTokenInterface $token, string $tenantId = null): void
     {
-        $ret = $this->files->put($this->filePath, json_encode([
+        $ret = $this->disk->put($this->filePath, json_encode([
             'token'         => $token->getToken(),
             'refresh_token' => $token->getRefreshToken(),
             'id_token'      => $token->getValues()['id_token'],
             'expires'       => $token->getExpires(),
             'tenant_id'     => $tenantId ?? $this->getTenantId()
-        ]));
-        
+        ]), 'private');
+
         if ($ret === false) {
             throw new \Exception("Failed to write to file: {$this->filePath}");
         }
@@ -132,7 +132,7 @@ protected function data($key = null)
             throw new \Exception('Xero oauth credentials are missing');
         }
 
-        $cacheData = json_decode($this->files->get($this->filePath), true);
+        $cacheData = json_decode($this->disk->get($this->filePath), true);
 
         return empty($key) ? $cacheData : ($cacheData[$key] ?? null);
     }
