Create a request extractor API to replace the static method for extracting the refresh token from the request #256
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@mbabker What do you think about remove instead of marking as deprecated because we're going to release it in a BC major update (v1.0) , maybe we need to introduce a CHANGELOG.md And it would be interesting to add a section in readme telling how to use extractor |
|
Changelog file started, removed the old class, and updated the README. |
…cting the refresh token from the request
maxhelias
reviewed
Jul 16, 2021
|
|
||
| $services->set('gesdinet.jwtrefreshtoken.request.extractor.request_body') | ||
| ->class(RequestBodyExtractor::class) | ||
| ->public() |
There was a problem hiding this comment.
I think we don't need to have the extractors in public, the chain is enough.
There was a problem hiding this comment.
Yeah, you’re probably right. That was most likely just excessive copy/paste.
There was a problem hiding this comment.
It's just a detail, don't listen me 😄
It's a great evolution in any case, good job !
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #95
RequestRefreshToken::getRefreshToken()is a static method which makes it pretty difficult to customize the behavior for extracting the refresh token from the request data (as essentially you need to replace all services calling it with a custom implementation of those services then add a custom handler for pulling data from the request). To get around this limitation, a new request extractor API (inspired by the similar API inLexikJWTAuthenticationBundle) is introduced with this PR and the current static method removed.The default implementation that is aliased to the new interface is a chain extractor that will iterate over all extractors until finding a token. Similar to the current behavior, null is returned from the extractor API if a token can't be found.
Extractors can be added in applications by implementing
Gesdinet\JWTRefreshTokenBundle\Request\Extractor\ExtractorInterface(which is configured to support autowiring and automatically tagging the class with thegesdinet_jwt_refresh_token.request_extractorcontainer tag). The tag also supports priorities, so applications can prioritize the extractors as desired.