-
-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Generalized access token format #874
Conversation
706a415
to
fac0458
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We could avoid a BC break if getResponseString
was a new method that called convertToJWT
in AccessTokenTrait.php
. In case any implementors are relying on convertToJWT
's existence.
We still need to call that new method from all places that currently call the old one though. Which means adding it to the access token interface, which means BC break if someone doesn't use the trait and just implements the interface.. But sure, I can do that. |
fac0458
to
b08508f
Compare
I agree, but a BC break for some is better than a BC break for all IMHO :) Thanks for changing that. |
My two cents on the matter. The |
Great suggestion. Thanks @frankdejonge |
* | ||
* @return string | ||
*/ | ||
public function getResponseString(CryptKey $privateKey); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As @frankdejonge suggested, it would be good to change this to convertToAccessToken
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll update it this evening.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I updated this this morning @lookyman - hope that was ok but thought I'd save you the effort as it was a quick change.
@@ -22,4 +22,13 @@ | |||
* @return Token | |||
*/ | |||
public function convertToJWT(CryptKey $privateKey); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this should be removed from the interface as people who don't want to use JWTs for their access token's will have no need for this. This is going to be a breaking change which is why I've flagged this change for version 8.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
I've removed the native type hints for now as I'd prefer these were implemented project wide instead of in sections of the code. I think this is pretty close to being able to be merged in but I'm unsure about the new method name now I've reviewed it again. In our code we now can have implementations as follows:
This seems strange to me due to the naming we have used. Why would an access token object need to be converted to an access token? Its name implies it already is one. I'm worried that the current name of the function isn't clear enough. I have been racking my brain trying to think of a more appropriate name. I had thought we could possibly use The best name I've come up with at the moment is simple
If you have any thoughts on this @lookyman - or anyone else for that matter, I would very much appreciate a second set of eyes for this proposed adjustment |
I've also changed this to merge into branch 8.0.0 which I created today |
I don't really care about the method's name, I am fine either way. I would however love to have it without the argument, and set the key in advance, to further separate it from any hardcoded implementation. But I understand if you don't want to go in that direction right now. |
Hmmm. As far as I can tell, we set the private key for the response type but it is just passed to the access token. It might be more appropriate to set it on the access token as that is the entity that is using it. We can easily do this in the We could then use a Do you want to have a go at implementing this @lookyman? If not, I'm happy to make the changes tomorrow. Cheers |
I've updated the code @lookyman to use |
Thank you, I love it. |
Good stuff. I will merge it in now :) Cheers for all your efforts with this |
Replacement for #873