0

I'm using the Pole Emploi's API,but I encounter 401 error 25 minutes later, when my token expires.

I looked for a way to get a new token and retry the request, but no way for me to understand how Middlewares work, and if I should use a middleware for my needings.

On Guzzle's docs this is written :

Middleware functions return a function that accepts the next handler to invoke. This returned function then returns another function that acts as a composed handler-- it accepts a request and options, and returns a promise that is fulfilled with a response. Your composed middleware can modify the request, add custom request options, and modify the promise returned by the downstream handler.

And this is an example code from the docs : 

use Psr\Http\Message\RequestInterface;

function my_middleware()
{
    return function (callable $handler) {
        return function (RequestInterface $request, array $options) use ($handler) {
            return $handler($request, $options);
        };
    };
}

So I think I need to manage the "promise" to see if its HTTP code is 401, and then get a new token and retry the request ?

I'm lost, so I would appreciate if someone can explain me the logic of this with different words maybe :)

Thank you in advance.

Improve this question

2 Answers 2

Reset to default
6

It doesn't need to be that difficult, add a handler that takes care of the job, in combination with cache that expires.

If you don't use cache then I guess you could probably save it to a file along with a timestamp for expiration that you check against when fetching it.

class AuthenticationHandler
{
    private $username;
    private $password;
    private $token_name = 'access_token';

    public function __construct($username, $password)
    {
        $this->username = $username;
        $this->password = $password;
    }

    public function __invoke(callable $handler)
    {
        return function (RequestInterface $request, array $options) use ($handler) {
            if (is_null($token = Cache::get($this->token_name))) {
                $response = $this->getJWT();
                Cache::put($this->token_name, $token = $response->access_token, floor($response->expires_in));
            }

            return $handler(
                $request->withAddedHeader('Authorization', 'Bearer '.$token)
                    ->withAddedHeader('Api-Key', $this->api_key), $options
                );
        };
    }

    private function getJWT()
    {
        $response = (new Client)->request('POST', 'new/token/url', [
            'form_params' => [
                'grant_type' => 'client_credentials',
                'username' => $this->username,
                'password' => $this->password,
            ],
        ]);
        return json_decode($response->getBody());
    }
}

Then use it:

$stack = HandlerStack::create(new CurlHandler());
$stack->push(new AuthenticationHandler('username', 'password'));
$client = new GuzzleHttp\Client([
    'base_uri' => 'https://api.com',
    'handler' => $stack,
]);

Now you will always have a valid token, and you will never have to worry about it ever again.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

2

I wouldn't recommend doing this as it can become hell to debug your application and as far as I am aware Guzzle doesn't really allow access to the client from middleware. Regardless you can use Promises to get around. If I were you I would refresh token before other requests, or refresh periodically. It might be fine if you are firing requests one by one, but in a Pool it will become a nightmare because you can end up having script fetch token too often and then some request ends up with out-dated token.

Anyway here is a rough example:

use Psr\Http\Message\RequestInterface;
use Psr\Http\Message\ResponseInterface;
use GuzzleHttp\Client;
use GuzzleHttp\HandlerStack;

function my_middleware()
{
    return function (callable $handler) {
        return function (RequestInterface $request, array $options) use ($handler) {
            /**
             * @var $promise \GuzzleHttp\Promise\Promise
             */
            $promise = $handler($request, $options);

            return $promise->then(
                function (ResponseInterface $response) use ($request, $options) {
                    if ($response->getStatusCode() === 404) {
                        var_dump($response->getStatusCode());
                        var_dump(strlen($response->getBody()));

                        // Pretend we are getting new token key here
                        $client = new Client();
                        $key = $client->get('https://www.iana.org/domains/reserved');

                        // Then we modify the failed request. For your case you use ->withHeader() to change the
                        // Authorization header with your token.
                        $uri = $request->getUri();
                        $uri = $uri->withHost('google.com')->withPath('/');

                        // New instance of Request
                        $request = $request->withUri($uri);

                        // Send the request again with our new header/URL/whatever
                        return $client->sendAsync($request, $options);
                    }

                    return $response;
                }
            );
        };
    };
}

$handlerStack = HandlerStack::create();
$handlerStack->push(my_middleware());

$client = new Client([
    'base_uri' => 'https://example.org',
    'http_errors' => false,
    'handler' => $handlerStack
]);

$options = [];

$response = $client->request('GET', '/test', $options);

var_dump($response->getStatusCode());
var_dump(strlen($response->getBody()));
echo $response->getBody();
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.