It is just an extension of the built in HTTP Client that provides a very simple, yet flexible and powerful API to manage the refreshing and usage of short lived access tokens. Managing this in a robust way required significant amount of boilerplate code or custom API clients for each integration. Now it is just a chained method call on the HTTP Client you are already using.
I’m about to release the 1.0 version, but first I wanted reach out to collect some feedback on the API and overall solution. Once I tag the 1.0 version, I don’t want to make any breaking changes for a good while.
Here is the repository:
https://github.com/pelmered/laravel-http-client-auth-helper
I’d love to get some feedback on this. Specifically I would like feedback on the following:
*
The API to use it. Is it good? How would you want to improve it?
*
What are the most sensible defaults? (See usage for example on how these are used)
*
Auth type: Basic or bearer? (for the access token)
*
Expires option (how should this be set by default? The package supports reading a field from the response from the refresh request, either as a string for the key in the response, or as a closure that receives the whole response object. You can also set it with an integer for TTL in seconds)
*
Credential token key name (If sent in body, or as a query string, what should be the the field name? Currently it is “token”)
*
Access token key (From what key should we get the access token from the refresh response be default? Accepts both a string or a closure that receives the response object and returns the token)
*
Right now I’m just using the default cache driver to store the tokens. Would you want this to be configurable?
The plan is to release version 1.0.0 with a stable API next weekend.
Thank you for reading! submitted by /u/pekz0r
[link] [comments]