oauth2-server icon indicating copy to clipboard operation
oauth2-server copied to clipboard

Published 20 hours ago verified publisher icon thephpleague

Split AccessTokenRepositoryInterface

Open iansltx opened this issue 7 years ago • 3 comments

For resource servers, the only method that's actually needed from the AccessTokenRepositoryInterface is isAccessTokenRevoked(). By contrast, isAccessTokenRevoked() isn't actually required for the authorization server side of the house.

Splitting the interface would reduce implementation burden when the resource server is a completely different code base than the auth server, and since interfaces support multiple inheritance BC with the existing interface can be maintained.

Any issues with this change? If not, I'll cook up a PR.

iansltx avatar Aug 30 '16 21:08 iansltx

I don't see any valid reason to split, since the access token implementation is a the discretion of this repository and all those methods are finally tied together, splitting it does not seem to make any sense at the domain language level. This was my 2 cents, I surely might be wrong.

pounard avatar Aug 31 '16 08:08 pounard

I completely agree with the proposed change - it was something I should have realised before releasing v5.

My local copy of v6 (which will be a very easy upgrade and will be maintained side-by-side with v5) already has a fix for this.

alexbilbie avatar Aug 31 '16 08:08 alexbilbie

Will have a PR for this later this evening. Code's done. Just need to update docs and add a test or two (everything passes post-changes).

iansltx avatar Feb 04 '17 22:02 iansltx