Generalized access token format #874
Conversation
lookyman
force-pushed
the
access-token-jwt
branch
from
706a415
to
fac0458
Compare
|
We still need to call that new method from all places that currently call the old one though. Which means adding it to the access token interface, which means BC break if someone doesn't use the trait and just implements the interface.. But sure, I can do that. |
lookyman
force-pushed
the
access-token-jwt
branch
from
fac0458
to
b08508f
Compare
|
I agree, but a BC break for some is better than a BC break for all IMHO :) Thanks for changing that. |
|
My two cents on the matter. The |
|
Great suggestion. Thanks @frankdejonge |
| * | ||
| * @return string | ||
| */ | ||
| public function getResponseString(CryptKey $privateKey); |
There was a problem hiding this comment.
As @frankdejonge suggested, it would be good to change this to convertToAccessToken
There was a problem hiding this comment.
I'll update it this evening.
There was a problem hiding this comment.
I updated this this morning @lookyman - hope that was ok but thought I'd save you the effort as it was a quick change.
| @@ -22,4 +22,13 @@ | |||
| * @return Token | |||
| */ | |||
| public function convertToJWT(CryptKey $privateKey); | |||
There was a problem hiding this comment.
I think this should be removed from the interface as people who don't want to use JWTs for their access token's will have no need for this. This is going to be a breaking change which is why I've flagged this change for version 8.
|
I've removed the native type hints for now as I'd prefer these were implemented project wide instead of in sections of the code. I think this is pretty close to being able to be merged in but I'm unsure about the new method name now I've reviewed it again. In our code we now can have implementations as follows: This seems strange to me due to the naming we have used. Why would an access token object need to be converted to an access token? Its name implies it already is one. I'm worried that the current name of the function isn't clear enough. I have been racking my brain trying to think of a more appropriate name. I had thought we could possibly use The best name I've come up with at the moment is simple If you have any thoughts on this @lookyman - or anyone else for that matter, I would very much appreciate a second set of eyes for this proposed adjustment |
|
I've also changed this to merge into branch 8.0.0 which I created today |
|
I don't really care about the method's name, I am fine either way. I would however love to have it without the argument, and set the key in advance, to further separate it from any hardcoded implementation. But I understand if you don't want to go in that direction right now. |
|
Hmmm. As far as I can tell, we set the private key for the response type but it is just passed to the access token. It might be more appropriate to set it on the access token as that is the entity that is using it. We can easily do this in the We could then use a Do you want to have a go at implementing this @lookyman? If not, I'm happy to make the changes tomorrow. Cheers |
|
I've updated the code @lookyman to use |
|
Thank you, I love it. |
|
Good stuff. I will merge it in now :) Cheers for all your efforts with this |
Replacement for #873