Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Custom unique identifier generator #1365

Open
AurelienPillevesse opened this issue Aug 9, 2023 · 1 comment
Open

Custom unique identifier generator #1365

AurelienPillevesse opened this issue Aug 9, 2023 · 1 comment

Comments

@AurelienPillevesse
Copy link

AurelienPillevesse commented Aug 9, 2023
edited
Loading

Currently, the unique identifier generator is a function available here that cannot be easily modified:

oauth2-server/src/Grant/AbstractGrant.php

Line 569 in eb91b41

protected function generateUniqueIdentifier($length = 40)

Would it be possible to customize the generation of the unique identifier?
In my case, I'd like to use the UUID, for example, to make sure that the identifier is unique.
In someone else's case, he'd like to use the auto-incremented ID.

What do you think of this improvement to make unique ID generation more easily modifiable?

An idea could be :

public function enableGrantType(GrantTypeInterface $grantType, DateInterval $accessTokenTTL = null, UniqueIdGeneratorInterface $uniqueIdGenerator = null)
{
    if ($accessTokenTTL === null) {
        $accessTokenTTL = new DateInterval('PT1H');
    }

    --> if ($uniqueIdGenerator === null) {
    -->     $uniqueIdGenerator = /*a class which represents the current unique id generator behavior */;
    --> }

    $grantType->setAccessTokenRepository($this->accessTokenRepository);
    $grantType->setClientRepository($this->clientRepository);
    $grantType->setScopeRepository($this->scopeRepository);
    $grantType->setDefaultScope($this->defaultScope);
    $grantType->setPrivateKey($this->privateKey);
    $grantType->setEmitter($this->getEmitter());
    $grantType->setEncryptionKey($this->encryptionKey);
    $grantType->revokeRefreshTokens($this->revokeRefreshTokens);
    --> $grantType->setUniqueIdGenerator($uniqueIdGenerator);

    $this->enabledGrantTypes[$grantType->getIdentifier()] = $grantType;
    $this->grantTypeAccessTokenTTL[$grantType->getIdentifier()] = $accessTokenTTL;
}

Or another idea :

(instead of this)

while ($maxGenerationAttempts-- > 0) {
    $accessToken->setIdentifier($this->generateUniqueIdentifier());
    try {
        $this->accessTokenRepository->persistNewAccessToken($accessToken);
        return $accessToken;
    } catch (UniqueTokenIdentifierConstraintViolationException $e) {
        if ($maxGenerationAttempts === 0) {
            throw $e;
        }
    }
}


(doing this)        

$accessToken->setIdentifier($this->accessTokenRepository->getUniqueIdentifier());
$this->accessTokenRepository->persistNewAccessToken($accessToken);
return $accessToken;
@marcriemer
Copy link

I suggest that the creation of unique identifiers should be handled within the repositories.

For example: The new getNewToken() function should be responsible for setting the identifier.

Additionally, it might be beneficial to check for an existing identifier to prevent overwriting in case the repository has already generated a unique identifier.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@marcriemer @AurelienPillevesse