kamermans/guzzle-oauth2-subscriber

TokenPersistenceInterface->restoreToken always called with new RawToken

Closed this issue · 4 comments

I have a use case (Salesforce REST api) which pulls extra fields from the server's token response and stores it as part of the token.
I store it because the extra info (a URL and an OpenID token) is used by some additional middleware.

Most of it works fine, I have a custom TokenFactory & a custom TokenInterface implementation.

My issue is that the persistence subsystem always tries to restore a RawToken, as restoreToken has a TokenInterface param - but it's only ever called with an argument of new RawToken in the codebase.

My workaround currently is to wrap the persist provider and override restoreToken to supply an instance of my token.

What are your thoughts on this? I'm not quite sure why it has the param to begin with (but I understand that changing it would likely be a breaking change)

Good point, I'm not sure why I didn't abstract that here either. You could use a ClosureTokenPersistence, which overrides that method (along with a few others):

public function __construct(callable $saveToken, callable $restoreToken, callable $deleteToken, callable $hasToken)
{
$this->doSaveToken = $saveToken;
$this->doRestoreToken = $restoreToken;
$this->doDeleteToken = $deleteToken;
$this->doHasToken = $hasToken;
}

Aside from that, to avoid a breaking change I would need some way to override the token constructor, so if it's not overridden you get a RawToken, and if it is, you can provide anything that satisfies the interface.

Perhaps we can take a leaf from Java's book and have a NewTokenSupplier closure field which defaults to RawToken? This would be on the main oauth handler class

Sure, something like that is fine with me - can you put in the PR?

Thanks for the PR, I've tested it and released it in v1.0.8