Improve refresh token handling to avoid infinite recursion (#37)

webgriffe · Feb 22, 2021 · fc5e54c · fc5e54c
1 parent 0655faf
commit fc5e54c
Showing 1 changed file with 17 additions and 14 deletions.
diff --git a/src/ApiClient.php b/src/ApiClient.php
@@ -13,10 +13,10 @@
 
 final class ApiClient implements ApiClientInterface, AttributeOptionsApiClientInterface
 {
-    /** @var string */
+    /** @var string|null */
     private $accessToken;
 
-    /** @var string */
+    /** @var string|null */
     private $refreshToken;
 
     /** @var ClientInterface */
@@ -71,7 +71,7 @@ public function __construct(
      * @throws GuzzleException
      * @throws \HttpException
      */
-    public function authenticatedRequest(string $uri, string $method, array $headers): array
+    public function authenticatedRequest(string $uri, string $method, array $headers, bool $withRefresh = false): array
     {
         if (strpos($uri, '/') === 0) {
             $uri = $this->baseUrl . $uri;
@@ -81,6 +81,10 @@ public function authenticatedRequest(string $uri, string $method, array $headers
             $this->login();
         }
 
+        if ($withRefresh) {
+            $this->refreshAccessToken();
+        }
+
         $headers = array_merge(
             $headers,
             [
@@ -93,12 +97,9 @@ public function authenticatedRequest(string $uri, string $method, array $headers
         $statusClass = (int) ($response->getStatusCode() / 100);
         $responseResult = json_decode($response->getBody()->getContents(), true);
 
-        $accessTokenHasExpired = $response->getStatusCode() === 401
-            && (string) $responseResult['message'] === 'The access token provided has expired.';
-        if ($accessTokenHasExpired) {
-            $this->refreshAccessToken();
-
-            return $this->authenticatedRequest($uri, $method, $headers);
+        $accessTokenHasExpired = $response->getStatusCode() === 401;
+        if ($accessTokenHasExpired && !$withRefresh) {
+            return $this->authenticatedRequest($uri, $method, $headers, true);
         }
 
         if ($statusClass !== 2) {
@@ -144,6 +145,7 @@ public function findAttribute(string $code): ?array
     public function downloadFile(string $code): \SplFileInfo
     {
         $endpoint = sprintf('/api/rest/v1/media-files/%s/download', $code);
+        Assert::string($this->accessToken);
         $headers = ['Authorization' => sprintf('Bearer %s', $this->accessToken)];
         $request = new Request('GET', $this->baseUrl . $endpoint, $headers);
         $response = $this->httpClient->send($request);
@@ -281,11 +283,10 @@ private function generateTempFilePath(): string
         return $this->temporaryFilesManager->generateTemporaryFilePath();
     }
 
+
     /**
-     * @param bool $body
-     *
-     * @return mixed
-     *
+     * @param string $body
+     * @return array{access_token: string, refresh_token: string, expires_in: int, token_type: string, scope: string|null}
      * @throws GuzzleException
      */
     private function makeOauthRequest(string $body)
@@ -307,6 +308,8 @@ private function makeOauthRequest(string $body)
         ];
         $rawResponse = $this->httpClient->send($request, $options);
 
-        return  json_decode($rawResponse->getBody()->getContents(), true);
+        /** @var array{access_token: string, refresh_token: string, expires_in: int, token_type: string, scope: string|null} $result */
+        $result = json_decode($rawResponse->getBody()->getContents(), true);
+        return $result;
     }
 }