Skip to content

Commit f34e667

Browse files
pounardpounard
committed
[AccessToken] allow user to set a default token lifetime via credentials url
1 parent fdc1c96 commit f34e667

File tree

11 files changed

+50
-11
lines changed

11 files changed

+50
-11
lines changed

src/Symfony/Component/AccessToken/AccessToken.php

Lines changed: 11 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -21,16 +21,25 @@ class AccessToken implements AccessTokenInterface
2121
*/
2222
public const IN_MEMORY = 'in_memory';
2323

24+
/**
25+
* Default lifetime in use when the remote service does not expose the
26+
* token lifetime.
27+
*
28+
* @see CredentialsInterface::getDefaultLifetime() for overriding this value.
29+
*/
30+
public const DEFAULT_LIFETIME = 600;
31+
2432
protected ?\DateTimeImmutable $expiresAt;
2533
protected ?bool $hasExpired = null;
2634

2735
/**
28-
* @param string $id Identifier of credentials used for generating it
36+
* @param string $id Identifier of credentials used for generating it
37+
* @param int $expiresIn Access token lifetime in seconds
2938
*/
3039
public function __construct(
3140
protected readonly string $value,
3241
protected readonly string $type = 'Bearer',
33-
protected readonly int $expiresIn = 600,
42+
protected readonly int $expiresIn = self::DEFAULT_LIFETIME,
3443
protected readonly \DateTimeImmutable $issuedAt = new \DateTimeImmutable(),
3544
protected readonly string $id = self::IN_MEMORY,
3645
) {

src/Symfony/Component/AccessToken/Bridge/OAuth/AbstractOAuthCredentials.php

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,9 @@ abstract class AbstractOAuthCredentials extends AbstractCredentials
2929
public function __construct(
3030
#[\SensitiveParameter] protected readonly ?string $tenant = null,
3131
protected readonly ?string $endpoint = null,
32+
?int $defaultLifetime = null,
3233
) {
34+
parent::__construct($defaultLifetime);
3335
}
3436

3537
/**

src/Symfony/Component/AccessToken/Bridge/OAuth/ClientCredentials.php

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -35,8 +35,9 @@ public function __construct(
3535
#[\SensitiveParameter] ?string $tenant = null,
3636
string|array|null $scope = null,
3737
?string $endpoint = null,
38+
?int $defaultLifetime = null,
3839
) {
39-
parent::__construct($tenant, $endpoint);
40+
parent::__construct($tenant, $endpoint, $defaultLifetime);
4041

4142
$this->scope = \is_string($scope) ? array_filter(explode(' ', $scope)) : $scope;
4243
}

src/Symfony/Component/AccessToken/Bridge/OAuth/ClientCredentialsProvider.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -139,7 +139,7 @@ protected function parseResponse(ClientCredentials $credentials, string $body):
139139
return new AccessToken(
140140
value: $data['access_token'],
141141
type: $data['token_type'] ?? 'Bearer',
142-
expiresIn: (int) ($data['expires_in'] ?? 600),
142+
expiresIn: (int) ($data['expires_in'] ?? $credentials->getDefaultLifetime()),
143143
id: $credentials->getId(),
144144
);
145145
}

src/Symfony/Component/AccessToken/Bridge/OAuth/OAuthFactory.php

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,8 @@ public function createCredentials(Dsn $dsn): CredentialsInterface
4040
clientSecret: $clientSecret,
4141
tenant: $dsn->getOption('tenant'),
4242
scope: $dsn->getOption('scope'),
43-
endpoint: $dsn->toEndpointUrl(['grant_type', 'client_id', 'client_secret', 'tenant', 'scope']),
43+
endpoint: $dsn->toEndpointUrl(['grant_type', 'client_id', 'client_secret', 'tenant', 'scope', 'default_lifetime']),
44+
defaultLifetime: (int) $dsn->getOption('default_lifetime'),
4445
);
4546
}
4647

@@ -61,7 +62,8 @@ public function createCredentials(Dsn $dsn): CredentialsInterface
6162
clientSecret: $clientSecret,
6263
tenant: $dsn->getOption('tenant'),
6364
scope: $dsn->getOption('scope'),
64-
endpoint: $dsn->toEndpointUrl(['grant_type', 'refresh_token', 'client_id', 'client_secret', 'tenant', 'scope']),
65+
endpoint: $dsn->toEndpointUrl(['grant_type', 'refresh_token', 'client_id', 'client_secret', 'tenant', 'scope', 'default_lifetime']),
66+
defaultLifetime: (int) $dsn->getOption('default_lifetime'),
6567
);
6668
}
6769

src/Symfony/Component/AccessToken/Bridge/OAuth/RefreshTokenCredentials.php

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -37,8 +37,9 @@ public function __construct(
3737
#[\SensitiveParameter] ?string $tenant = null,
3838
string|array|null $scope = null,
3939
?string $endpoint = null,
40+
?int $defaultLifetime = null,
4041
) {
41-
parent::__construct($tenant, $endpoint);
42+
parent::__construct($tenant, $endpoint, $defaultLifetime);
4243

4344
$this->scope = \is_string($scope) ? array_filter(explode(' ', $scope)) : $scope;
4445
}

src/Symfony/Component/AccessToken/Bridge/OAuth/RefreshTokenProvider.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -139,7 +139,7 @@ protected function parseResponse(RefreshTokenCredentials $credentials, string $b
139139
return new AccessToken(
140140
value: $data['access_token'],
141141
type: $data['token_type'] ?? 'Bearer',
142-
expiresIn: (int) ($data['expires_in'] ?? 600),
142+
expiresIn: (int) ($data['expires_in'] ?? $credentials->getDefaultLifetime()),
143143
id: $credentials->getId(),
144144
);
145145
}

src/Symfony/Component/AccessToken/Credentials/AbstractCredentials.php

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,7 @@
1111

1212
namespace Symfony\Component\AccessToken\Credentials;
1313

14+
use Symfony\Component\AccessToken\AccessToken;
1415
use Symfony\Component\AccessToken\CredentialsInterface;
1516

1617
/**
@@ -25,8 +26,18 @@ abstract class AbstractCredentials implements CredentialsInterface
2526
*/
2627
protected abstract function computeId(): string;
2728

29+
public function __construct(
30+
private ?int $defaultLifetime = null
31+
) {
32+
}
33+
2834
public function getId(): string
2935
{
3036
return $this->id ??= $this->computeId();
3137
}
38+
39+
public function getDefaultLifetime(): int
40+
{
41+
return $this->defaultLifetime ?? AccessToken::DEFAULT_LIFETIME;
42+
}
3243
}

src/Symfony/Component/AccessToken/Credentials/BasicAuthCredentials.php

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,10 @@ class BasicAuthCredentials extends AbstractCredentials
2121
public function __construct(
2222
private readonly string $username,
2323
private readonly ?string $password = null,
24-
) {}
24+
?int $defaultLifetime = null,
25+
) {
26+
parent::__construct($defaultLifetime);
27+
}
2528

2629
public function getUsername(): string
2730
{

src/Symfony/Component/AccessToken/CredentialsInterface.php

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -29,4 +29,12 @@ interface CredentialsInterface
2929
* order to avoid cache pollution.
3030
*/
3131
public function getId(): string;
32+
33+
/**
34+
* Get default lifetime for this credentials.
35+
*
36+
* When the remote service does not give any information about token
37+
* lifetime, the value here will be used.
38+
*/
39+
public function getDefaultLifetime(): int;
3240
}

0 commit comments

Comments
 (0)