Design Meeting 09 26 2013

Scott Smith edited this page Sep 26, 2013 · 8 revisions

Re-authentication by SDK

Currently, this is what would have to be done by a user of the SDK to re-authenticate upon a failed request:

$auth = new AuthClient('http://auth.pmp.io');
$token = $auth->getToken($clientId, $clientSecret);
$doc = new CollectionDocJson('http://api.pmp.io', $token);
try {
    $doc->save();
} catch (Exception $e) {
    // Error was due to authentication problem
    $newToken = $auth->getToken($clientId, $clientSecret);

    // Actually, there is currently no way to set a new token on the CollectionDocJson object,
    // but if there were, the new token would be set here

    try {
        $doc->save();
    } catch (Exception $e) {
        // No more retries, just let it fail now
    }
}

The problem is that CollectionDocJson cannot re-authenticate or get a new token by itself. It only knows about the one token that it was instantiated with. It does not know about the AuthClient object or about the $clientId or $clientSecret. It also has no way to set a new token other than instantiating a new object (a secondary issue).

Solution 1

Allow CollectionDocJson to take the entire AuthClient object as a param instead of just a token. CollectionDocJson could then make its own calls to AuthClient::getToken() to generate a new token. This solution would require more modifications, but keeps authentication-related data encapsulated in the AuthClient object. The usage would then look like:

$auth = new AuthClient('http://auth.pmp.io', $clientId, $clientSecret); 
// $auth would store $clientId and $clientSecret internally as private properties
$doc = new CollectionDocJson('http://api.pmp.io', $auth); 
// $doc would store $auth internally as private property $doc->auth
try {
    $doc->save();
} catch (Exception $e) {
    // Re-auth would have already been tried by the $doc object by making a 
    // call internally to $doc->auth->getToken()
}
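
A sketch of what Solution 1 could look like inside the classes, added here as an illustration and not the SDK's own code. The AuthException type, the $send callable standing in for the HTTP request, and the stubbed getToken() are assumptions; the retry is limited to one attempt and only fires on an authentication failure, so other errors are not masked by a re-auth.

```php
<?php
// Hypothetical sketch of Solution 1; these are not the SDK's actual classes.
class AuthException extends Exception {}   // assumed: thrown only when the API rejects the token

class AuthClient {
    private $authUri, $clientId, $clientSecret;   // credentials never leave this object
    private $issued = 0;

    public function __construct($authUri, $clientId, $clientSecret) {
        $this->authUri = $authUri;
        $this->clientId = $clientId;
        $this->clientSecret = $clientSecret;
    }

    // Stub: a real client would request a token from $authUri with the stored credentials.
    public function getToken() {
        return 'token-' . (++$this->issued);
    }
}

class CollectionDocJson {
    private $apiUri, $auth, $token, $send;

    public function __construct($apiUri, AuthClient $auth, $send) {
        $this->apiUri = $apiUri;
        $this->auth = $auth;
        $this->send = $send;                 // stand-in for the HTTP call: function($uri, $token)
        $this->token = $auth->getToken();
    }

    public function save() {
        try {
            return call_user_func($this->send, $this->apiUri, $this->token);
        } catch (AuthException $e) {
            // One re-auth and one retry; a second failure propagates to the caller.
            $this->token = $this->auth->getToken();
            return call_user_func($this->send, $this->apiUri, $this->token);
        }
    }
}

// Constructed transport: rejects the first token as if it had expired.
$send = function ($uri, $token) {
    if ($token === 'token-1') { throw new AuthException('token rejected'); }
    return "saved to $uri with $token";
};
$auth = new AuthClient('http://auth.pmp.io', 'example-id', 'example-secret');
$doc = new CollectionDocJson('http://api.pmp.io', $auth, $send);
echo $doc->save(), "\n";
```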

Solution 2

Allow CollectionDocJson to take the $clientId and $clientSecret as params instead of just a token. CollectionDocJson instantiates its own AuthClient object (or takes one as another param like in Solution 1). CollectionDocJson uses the stored $clientId and $clientSecret with AuthClient::getToken() to get a token when needed. This solution would require fewer modifications, but allows authentication-related data to live outside AuthClient and be directly accessible to CollectionDocJson. The usage would then look like:

$doc = new CollectionDocJson('http://api.pmp.io', $clientId, $clientSecret); 
// $doc stores $clientId and $clientSecret internally (and also $auth either passed in as param or instantiated in constructor)
try {
    $doc->save();
} catch (Exception $e) {
    // Re-auth would have already been tried by the $doc object by making a 
    // call internally to $doc->auth->getToken($doc->clientId, $doc->clientSecret)
}