Merge pull request #171 from Sammyjo20/feature/v2-tappable-oauth

Sammyjo20 · web-flow · commit 598421c5f2f1 · 2023-02-26T15:16:49.000Z
Feature | Added request modifier to OAuth2 process
diff --git a/src/Helpers/OAuth2/OAuthConfig.php b/src/Helpers/OAuth2/OAuthConfig.php
@@ -4,7 +4,9 @@
 
 namespace Saloon\Helpers\OAuth2;
 
+use Closure;
 use Saloon\Traits\Makeable;
+use Saloon\Contracts\Request;
 use Saloon\Exceptions\OAuthConfigValidationException;
 
 /**
@@ -56,6 +58,13 @@ class OAuthConfig
      */
     protected string $userEndpoint = 'user';
 
+    /**
+     * Callable that modifies the OAuth requests
+     *
+     * @var \Closure(\Saloon\Contracts\Request): (void)|null
+     */
+    protected ?Closure $requestModifier = null;
+
     /**
      * The default scopes that will be applied to every authorization URL.
      *
@@ -224,6 +233,40 @@ public function setDefaultScopes(array $defaultScopes): static
         return $this;
     }
 
+    /**
+     * Set the request modifier callable which can be used to modify the request being sent
+     *
+     * @param callable(\Saloon\Contracts\Request): (void) $requestModifier
+     * @return $this
+     */
+    public function setRequestModifier(callable $requestModifier): static
+    {
+        $this->requestModifier = $requestModifier(...);
+
+        return $this;
+    }
+
+    /**
+     * Invoke the OAuth2 config request modifier
+     *
+     * @template TRequest of \Saloon\Contracts\Request
+     *
+     * @param TRequest $request
+     * @return TRequest
+     */
+    public function invokeRequestModifier(Request $request): Request
+    {
+        $requestModifier = $this->requestModifier;
+
+        if (is_null($requestModifier)) {
+            return $request;
+        }
+
+        $requestModifier($request);
+
+        return $request;
+    }
+
     /**
      * Validate the OAuth2 config.
      *
diff --git a/src/Traits/OAuth2/AuthorizationCodeGrant.php b/src/Traits/OAuth2/AuthorizationCodeGrant.php
@@ -96,26 +96,37 @@ public function getAuthorizationUrl(array $scopes = [], string $state = null, st
     /**
      * Get the access token.
      *
+     * @template TRequest of \Saloon\Contracts\Request
+     *
      * @param string $code
      * @param string|null $state
      * @param string|null $expectedState
      * @param bool $returnResponse
+     * @param callable(TRequest): (void)|null $requestModifier
      * @return \Saloon\Contracts\OAuthAuthenticator|\Saloon\Contracts\Response
      * @throws \ReflectionException
      * @throws \Saloon\Exceptions\InvalidResponseClassException
      * @throws \Saloon\Exceptions\InvalidStateException
      * @throws \Saloon\Exceptions\OAuthConfigValidationException
      * @throws \Saloon\Exceptions\PendingRequestException
      */
-    public function getAccessToken(string $code, string $state = null, string $expectedState = null, bool $returnResponse = false): OAuthAuthenticator|Response
+    public function getAccessToken(string $code, string $state = null, string $expectedState = null, bool $returnResponse = false, ?callable $requestModifier = null): OAuthAuthenticator|Response
     {
         $this->oauthConfig()->validate();
 
         if (! empty($state) && ! empty($expectedState) && $state !== $expectedState) {
             throw new InvalidStateException;
         }
 
-        $response = $this->send(new GetAccessTokenRequest($code, $this->oauthConfig()));
+        $request = new GetAccessTokenRequest($code, $this->oauthConfig());
+
+        $request = $this->oauthConfig()->invokeRequestModifier($request);
+
+        if (is_callable($requestModifier)) {
+            $requestModifier($request);
+        }
+
+        $response = $this->send($request);
 
         if ($returnResponse === true) {
             return $response;
@@ -129,15 +140,18 @@ public function getAccessToken(string $code, string $state = null, string $expec
     /**
      * Refresh the access token.
      *
+     * @template TRequest of \Saloon\Contracts\Request
+     *
      * @param \Saloon\Contracts\OAuthAuthenticator|string $refreshToken
      * @param bool $returnResponse
+     * @param callable(TRequest): (void)|null $requestModifier
      * @return \Saloon\Contracts\OAuthAuthenticator|\Saloon\Contracts\Response
      * @throws \ReflectionException
      * @throws \Saloon\Exceptions\InvalidResponseClassException
      * @throws \Saloon\Exceptions\OAuthConfigValidationException
      * @throws \Saloon\Exceptions\PendingRequestException
      */
-    public function refreshAccessToken(OAuthAuthenticator|string $refreshToken, bool $returnResponse = false): OAuthAuthenticator|Response
+    public function refreshAccessToken(OAuthAuthenticator|string $refreshToken, bool $returnResponse = false, ?callable $requestModifier = null): OAuthAuthenticator|Response
     {
         $this->oauthConfig()->validate();
 
@@ -149,7 +163,15 @@ public function refreshAccessToken(OAuthAuthenticator|string $refreshToken, bool
             $refreshToken = $refreshToken->getRefreshToken();
         }
 
-        $response = $this->send(new GetRefreshTokenRequest($this->oauthConfig(), $refreshToken));
+        $request = new GetRefreshTokenRequest($this->oauthConfig(), $refreshToken);
+
+        $request = $this->oauthConfig()->invokeRequestModifier($request);
+
+        if (is_callable($requestModifier)) {
+            $requestModifier($request);
+        }
+
+        $response = $this->send($request);
 
         if ($returnResponse === true) {
             return $response;
@@ -194,17 +216,26 @@ protected function createOAuthAuthenticator(string $accessToken, string $refresh
     /**
      * Get the authenticated user.
      *
+     * @template TRequest of \Saloon\Contracts\Request
+     *
      * @param \Saloon\Contracts\OAuthAuthenticator $oauthAuthenticator
+     * @param callable(TRequest): (void)|null $requestModifier
      * @return \Saloon\Contracts\Response
      * @throws \ReflectionException
      * @throws \Saloon\Exceptions\InvalidResponseClassException
      * @throws \Saloon\Exceptions\PendingRequestException
      */
-    public function getUser(OAuthAuthenticator $oauthAuthenticator): Response
+    public function getUser(OAuthAuthenticator $oauthAuthenticator, ?callable $requestModifier = null): Response
     {
-        return $this->send(
-            GetUserRequest::make($this->oauthConfig())->authenticate($oauthAuthenticator)
-        );
+        $request = GetUserRequest::make($this->oauthConfig())->authenticate($oauthAuthenticator);
+
+        if (is_callable($requestModifier)) {
+            $requestModifier($request);
+        }
+
+        $request = $this->oauthConfig()->invokeRequestModifier($request);
+
+        return $this->send($request);
     }
 
     /**
diff --git a/tests/Feature/Oauth2/AuthCodeFlowConnectorTest.php b/tests/Feature/Oauth2/AuthCodeFlowConnectorTest.php
@@ -5,10 +5,14 @@
 use Saloon\Helpers\Str;
 use Saloon\Helpers\Date;
 use Saloon\Http\Response;
+use Saloon\Contracts\Request;
 use Saloon\Http\Faking\MockClient;
 use Saloon\Http\Faking\MockResponse;
+use Saloon\Http\OAuth2\GetUserRequest;
 use Saloon\Exceptions\InvalidStateException;
+use Saloon\Http\OAuth2\GetAccessTokenRequest;
 use Saloon\Http\Auth\AccessTokenAuthenticator;
+use Saloon\Http\OAuth2\GetRefreshTokenRequest;
 use Saloon\Tests\Fixtures\Connectors\OAuth2Connector;
 use Saloon\Tests\Fixtures\Authenticators\CustomOAuthAuthenticator;
 use Saloon\Tests\Fixtures\Connectors\CustomResponseOAuth2Connector;
@@ -73,6 +77,29 @@
     expect($authenticator->getExpiresAt())->toBeInstanceOf(DateTimeImmutable::class);
 });
 
+test('you can tap into the access token request and modify it', function () {
+    $mockClient = new MockClient([
+        MockResponse::make(['access_token' => 'access', 'refresh_token' => 'refresh', 'expires_in' => 3600], 200),
+    ]);
+
+    $connector = new OAuth2Connector;
+
+    $connector->withMockClient($mockClient);
+
+    $authenticator = $connector->getAccessToken('code', requestModifier: function (Request $request) {
+        $request->query()->add('yee', 'haw');
+    });
+
+    expect($authenticator)->toBeInstanceOf(AccessTokenAuthenticator::class);
+    expect($authenticator->getAccessToken())->toEqual('access');
+    expect($authenticator->getRefreshToken())->toEqual('refresh');
+    expect($authenticator->getExpiresAt())->toBeInstanceOf(DateTimeImmutable::class);
+
+    $mockClient->assertSentCount(1);
+
+    expect($mockClient->getLastPendingRequest()->query()->all())->toEqual(['yee' => 'haw']);
+});
+
 test('you can request the original response instead of the authenticator on the create tokens method', function () {
     $mockClient = new MockClient([
         MockResponse::make(['access_token' => 'access', 'refresh_token' => 'refresh', 'expires_in' => 3600]),
@@ -116,6 +143,31 @@
     expect($newAuthenticator->getExpiresAt())->toBeInstanceOf(DateTimeImmutable::class);
 });
 
+test('you can tap into the refresh token request', function () {
+    $mockClient = new MockClient([
+        MockResponse::make(['access_token' => 'access-new', 'refresh_token' => 'refresh-new', 'expires_in' => 3600]),
+    ]);
+
+    $connector = new OAuth2Connector;
+
+    $connector->withMockClient($mockClient);
+
+    $authenticator = new AccessTokenAuthenticator('access', 'refresh', Date::now()->addSeconds(3600)->toDateTime());
+
+    $newAuthenticator = $connector->refreshAccessToken($authenticator, requestModifier: function (Request $request) {
+        $request->query()->add('yee', 'haw');
+    });
+
+    expect($newAuthenticator)->toBeInstanceOf(AccessTokenAuthenticator::class);
+    expect($newAuthenticator->getAccessToken())->toEqual('access-new');
+    expect($newAuthenticator->getRefreshToken())->toEqual('refresh-new');
+    expect($newAuthenticator->getExpiresAt())->toBeInstanceOf(DateTimeImmutable::class);
+
+    $mockClient->assertSentCount(1);
+
+    expect($mockClient->getLastPendingRequest()->query()->all())->toEqual(['yee' => 'haw']);
+});
+
 test('the refreshAccessToken method throws an exception if you provide it an authenticator that is not refreshable', function () {
     $mockClient = new MockClient([
         MockResponse::make(['access_token' => 'access-new', 'refresh_token' => 'refresh-new', 'expires_in' => 3600]),
@@ -173,6 +225,33 @@
     ]);
 });
 
+test('you can tap into the the user request', function () {
+    $mockClient = new MockClient([
+        MockResponse::make(['user' => 'Sam']),
+    ]);
+
+    $connector = new OAuth2Connector;
+    $connector->withMockClient($mockClient);
+
+    $accessToken = new AccessTokenAuthenticator('access', 'refresh', Date::now()->addSeconds(3600)->toDateTime());
+
+    $response = $connector->getUser($accessToken, function (Request $request) {
+        $request->query()->add('yee', 'haw');
+    });
+
+    expect($response)->toBeInstanceOf(Response::class);
+
+    $pendingRequest = $response->getPendingRequest();
+
+    expect($pendingRequest->query()->all())->toEqual(['yee' => 'haw']);
+
+    expect($pendingRequest->headers()->all())->toEqual([
+        'Accept' => 'application/json',
+        'Authorization' => 'Bearer access',
+        'Content-Type' => 'application/x-www-form-urlencoded',
+    ]);
+});
+
 test('you can customize the oauth authenticator', function () {
     $mockClient = new MockClient([
         MockResponse::make(['access_token' => 'access-new', 'refresh_token' => 'refresh-new', 'expires_in' => 3600]),
@@ -186,3 +265,61 @@
     expect($authenticator)->toBeInstanceOf(CustomOAuthAuthenticator::class);
     expect($authenticator->getGreeting())->toEqual('Howdy!');
 });
+
+test('you can register a global request modifier that is called on every step of the OAuth2 process', function () {
+    $mockClient = new MockClient([
+        GetAccessTokenRequest::class => MockResponse::make(['access_token' => 'access', 'refresh_token' => 'refresh', 'expires_in' => 3600], 200),
+        GetRefreshTokenRequest::class => MockResponse::make(['access_token' => 'access-new', 'refresh_token' => 'refresh-new', 'expires_in' => 3600]),
+        GetUserRequest::class => MockResponse::make(['user' => 'Sam']),
+    ]);
+
+    $connector = new OAuth2Connector;
+    $requests = [];
+
+    $connector->oauthConfig()->setRequestModifier(function (Request $request) use (&$requests) {
+        $requests[] = $request::class;
+
+        match ($request::class) {
+            GetAccessTokenRequest::class => $request->query()->add('request', 'access'),
+            GetRefreshTokenRequest::class => $request->query()->add('request', 'refresh'),
+            GetUserRequest::class => $request->query()->add('request', 'user'),
+        };
+    });
+
+    $connector->withMockClient($mockClient);
+
+    $authenticator = $connector->getAccessToken('code');
+
+    expect($authenticator)->toBeInstanceOf(AccessTokenAuthenticator::class);
+    expect($authenticator->getAccessToken())->toEqual('access');
+    expect($authenticator->getRefreshToken())->toEqual('refresh');
+    expect($authenticator->getExpiresAt())->toBeInstanceOf(DateTimeImmutable::class);
+    expect($mockClient->getLastPendingRequest()->query()->all())->toEqual(['request' => 'access']);
+
+    $newAuthenticator = $connector->refreshAccessToken($authenticator);
+
+    expect($newAuthenticator)->toBeInstanceOf(AccessTokenAuthenticator::class);
+    expect($newAuthenticator->getAccessToken())->toEqual('access-new');
+    expect($newAuthenticator->getRefreshToken())->toEqual('refresh-new');
+    expect($newAuthenticator->getExpiresAt())->toBeInstanceOf(DateTimeImmutable::class);
+    expect($mockClient->getLastPendingRequest()->query()->all())->toEqual(['request' => 'refresh']);
+
+    $response = $connector->getUser($newAuthenticator);
+
+    expect($response)->toBeInstanceOf(Response::class);
+    expect($mockClient->getLastPendingRequest()->query()->all())->toEqual(['request' => 'user']);
+
+    $pendingRequest = $response->getPendingRequest();
+
+    expect($pendingRequest->headers()->all())->toEqual([
+        'Accept' => 'application/json',
+        'Authorization' => 'Bearer access-new',
+        'Content-Type' => 'application/x-www-form-urlencoded',
+    ]);
+
+    expect($requests)->toEqual([
+        GetAccessTokenRequest::class,
+        GetRefreshTokenRequest::class,
+        GetUserRequest::class,
+    ]);
+});
