Refactored the authentication processes in order to handle Admin API and Shop API

Author: gplanchat

spec/Security/AuthenticationSpec.php

@@ -11,8 +11,6 @@ public function it_is_initializable_from_a_password()
         $this->beConstructedThrough('fromPassword', ['client_id', 'secret', 'Julia', 'Julia_pwd']);
         $this->shouldHaveType('Diglin\Sylius\ApiClient\Security\Authentication');
 
-        $this->getClientId()->shouldReturn('client_id');
-        $this->getSecret()->shouldReturn('secret');
         $this->getUsername()->shouldReturn('Julia');
         $this->getPassword()->shouldReturn('Julia_pwd');
         $this->getAccessToken()->shouldReturn(null);

src/Api/Authentication/AdminApi.php

@@ -0,0 +1,48 @@
+<?php
+/**
+ * Diglin GmbH - Switzerland.
+ *
+ * @author      Sylvain Rayé <support at diglin.com>
+ *
+ * @category    SyliusApiClient
+ *
+ * @copyright   2020 - Diglin (https://www.diglin.com)
+ */
+
+namespace Diglin\Sylius\ApiClient\Api\Authentication;
+
+use Diglin\Sylius\ApiClient\Client\HttpClient;
+use Diglin\Sylius\ApiClient\Routing\UriGeneratorInterface;
+
+/**
+ * API implementation to manage the authentication.
+ *
+ * @author    Alexandre Hocquard <[email protected]>
+ * @copyright 2017 Akeneo SAS (http://www.akeneo.com)
+ * @license   http://opensource.org/licenses/osl-3.0.php  Open Software License (OSL 3.0)
+ */
+class AdminApi implements AuthenticationApiInterface
+{
+    public const TOKEN_URI = 'api/v2/admin/authentication-token';
+
+    public function __construct(
+        private HttpClient $httpClient,
+        private UriGeneratorInterface $uriGenerator
+    ) {}
+
+    public function authenticateByPassword(string $username, string $password): array
+    {
+        $headers = [
+            'Content-Type' => 'application/json',
+        ];
+
+        $uri = $this->uriGenerator->generate(static::TOKEN_URI);
+
+        $response = $this->httpClient->sendRequest('POST', $uri, $headers, json_encode([
+            'email' => $username,
+            'password' => $password,
+        ]));
+
+        return json_decode($response->getBody()->getContents(), true);
+    }
+}

src/Api/AuthenticationApiInterface.php renamed to src/Api/Authentication/AuthenticationApiInterface.php

@@ -9,7 +9,7 @@
  * @copyright   2020 - Diglin (https://www.diglin.com)
  */
 
-namespace Diglin\Sylius\ApiClient\Api;
+namespace Diglin\Sylius\ApiClient\Api\Authentication;
 
 /**
  * API to manage the authentication.
@@ -23,23 +23,7 @@ interface AuthenticationApiInterface
     /**
      * Authenticates with the password grant type.
      *
-     * @param string $clientId
-     * @param string $secret
-     * @param string $username
-     * @param string $password
-     *
-     * @return array
-     */
-    public function authenticateByPassword($clientId, $secret, $username, $password);
-
-    /**
-     * Authenticates with the refresh token grant type.
-     *
-     * @param string $clientId
-     * @param string $secret
-     * @param string $refreshToken
-     *
-     * @return array
+     * @return array{token: string}
      */
-    public function authenticateByRefreshToken($clientId, $secret, $refreshToken);
+    public function authenticateByPassword(string $username, string $password): array;
 }

src/Api/Authentication/ShopApi.php

@@ -0,0 +1,48 @@
+<?php
+/**
+ * Diglin GmbH - Switzerland.
+ *
+ * @author      Sylvain Rayé <support at diglin.com>
+ *
+ * @category    SyliusApiClient
+ *
+ * @copyright   2020 - Diglin (https://www.diglin.com)
+ */
+
+namespace Diglin\Sylius\ApiClient\Api\Authentication;
+
+use Diglin\Sylius\ApiClient\Client\HttpClient;
+use Diglin\Sylius\ApiClient\Routing\UriGeneratorInterface;
+
+/**
+ * API implementation to manage the authentication.
+ *
+ * @author    Alexandre Hocquard <[email protected]>
+ * @copyright 2017 Akeneo SAS (http://www.akeneo.com)
+ * @license   http://opensource.org/licenses/osl-3.0.php  Open Software License (OSL 3.0)
+ */
+class ShopApi implements AuthenticationApiInterface
+{
+    public const TOKEN_URI = 'api/v2/shop/authentication-token';
+
+    public function __construct(
+        private HttpClient $httpClient,
+        private UriGeneratorInterface $uriGenerator
+    ) {}
+
+    public function authenticateByPassword(string $username, string $password): array
+    {
+        $headers = [
+            'Content-Type' => 'application/json',
+        ];
+
+        $uri = $this->uriGenerator->generate(static::TOKEN_URI);
+
+        $response = $this->httpClient->sendRequest('POST', $uri, $headers, json_encode([
+            'email' => $username,
+            'password' => $password,
+        ]));
+
+        return json_decode($response->getBody()->getContents(), true);
+    }
+}

src/Api/AuthenticationApi.php

@@ -2,9 +2,10 @@
 
 namespace Diglin\Sylius\ApiClient\Client;
 
-use Diglin\Sylius\ApiClient\Api\AuthenticationApiInterface;
+use Diglin\Sylius\ApiClient\Api;
 use Diglin\Sylius\ApiClient\Exception\UnauthorizedHttpException;
 use Diglin\Sylius\ApiClient\Security\Authentication;
+use Psr\Log\LoggerInterface;
 
 /**
  * Http client to send an authenticated request.
@@ -20,73 +21,26 @@
  */
 class AuthenticatedHttpClient implements HttpClientInterface
 {
-    /** @var HttpClient */
-    protected $basicHttpClient;
-
-    /** @var AuthenticationApiInterface */
-    protected $authenticationApi;
-
-    /** @var Authentication */
-    protected $authentication;
-
     public function __construct(
-        HttpClient $basicHttpClient,
-        AuthenticationApiInterface $authenticationApi,
-        Authentication $authentication
-    ) {
-        $this->basicHttpClient = $basicHttpClient;
-        $this->authenticationApi = $authenticationApi;
-        $this->authentication = $authentication;
-    }
+        private HttpClient $basicHttpClient,
+        private Api\Authentication\AuthenticationApiInterface $authenticationApi,
+        private Authentication $authentication,
+    ) {}
 
     /**
      * {@inheritdoc}
      */
     public function sendRequest($httpMethod, $uri, array $headers = [], $body = null)
     {
         try {
-            $xauthtokenDetected = false;
-            foreach ((array) $this->authentication->getXauthtokenHeader() as $name => $value) {
-                $headers[$name] = $value;
-                $xauthtokenDetected = true;
+            if (!$this->authentication->hasAccessToken()) {
+                $this->authentication->authenticateByPassword($this->authenticationApi);
             }
 
-            if ($xauthtokenDetected) {
-                return $this->basicHttpClient->sendRequest($httpMethod, $uri, $headers, $body);
-            }
-        } catch (UnauthorizedHttpException $e) {
-            // Do nothing and process to standard authentication
-        }
-
-        if (null === $this->authentication->getAccessToken()) {
-            $tokens = $this->authenticationApi->authenticateByPassword(
-                $this->authentication->getClientId(),
-                $this->authentication->getSecret(),
-                $this->authentication->getUsername(),
-                $this->authentication->getPassword()
-            );
-
-            $this->authentication
-                ->setAccessToken($tokens['token'])
-            ;
-        }
-
-        try {
-            $headers['Authorization'] = sprintf('Bearer %s', $this->authentication->getAccessToken());
-            $response = $this->basicHttpClient->sendRequest($httpMethod, $uri, $headers, $body);
-        } catch (UnauthorizedHttpException $e) {
-            $tokens = $this->authenticationApi->authenticateByRefreshToken(
-                $this->authentication->getClientId(),
-                $this->authentication->getSecret(),
-                $this->authentication->getRefreshToken()
-            );
-
-            $this->authentication
-                ->setAccessToken($tokens['token'])
-            ;
-
-            $headers['Authorization'] = sprintf('Bearer %s', $this->authentication->getAccessToken());
-            $response = $this->basicHttpClient->sendRequest($httpMethod, $uri, $headers, $body);
+            $response = $this->basicHttpClient->sendRequest($httpMethod, $uri, $this->authentication->appendHeaders($headers), $body);
+        } catch (UnauthorizedHttpException) {
+            $this->authentication->authenticateByPassword($this->authenticationApi);
+            $response = $this->basicHttpClient->sendRequest($httpMethod, $uri, $this->authentication->appendHeaders($headers), $body);
         }
 
         return $response;