I've used Saloon for refactor third party integration. Meanwhile I observed that some integrations doesn't follow the OAuth standards then I had to create the CustomAuthenticator. Well, I have a good...
Gurpreet Kait
Author
I've used Saloon for refactor third party integration. Meanwhile I observed that some integrations doesn't follow the OAuth standards then I had to create the CustomAuthenticator.
Well, I have a good example of Amazon. That we can take as an example here.
We will create an Authenitcator first using command php artisan saloon:auth
This will create an authenticator only if you use the Laravel plugin (saloon docs).
Now we have two ways, Either you go with fully customized approach and you will create a custom request and every custom.
Else, you use saloon built-in method. For example, Saloon provides you traits for OAuth Authorization and ClientCredentials both. You can use them in your connector and take advantage of saloon.
Well, how you can use that I'll give you an example of that.
Let's say here we have a Connector called AmazonConnector.
use Saloon\Traits\OAuth2\AuthorizationCodeGrant;
class AmazonConnector{
use AuthorizationCodeGrant;
}
This AuthorizationCodeGrant trait gives you everything you need, for example. A request to get access token and refresh token. But for that you have to define the default Configs as mentioned in the code below.
protected function defaultOauthConfig(): OAuthConfig
{
return OAuthConfig::make()
->setClientId(config('amazon.lwa_client_id'))
->setClientSecret(config('amazon.lwa_client_secret'))
->setAuthorizeEndpoint(
$this->regionManager->getSellerCentralUrl()
.config('amazon.url_authorize')
)
->setRedirectUri(config('amazon.lwa_callback_url'))
->setTokenEndpoint(config('amazon.url_access_token'));
}
Now the AuthorizationCodeGrant Trait knows where to redirect and where to callback. And that's it. You are ready to move on Authenitcator part.
Make sure when you are using the custom Authenticator you have create a defaultAuth method in your connector.
public function defaultAuth(): ?Authenticator {
return new AmazonAuthenticator($this->integrationInstance);
}
I created the AmazonAuthenticator.
And this is how it look like
<?php
declare(strict_types=1);
namespace Modules\Amazon\Http\Integrations\Auth;
use DateTime;use Exception;use Modules\Amazon\Entities\AmazonIntegrationInstance;use Modules\Amazon\Http\Integrations\AmazonConnector;use Saloon\Contracts\Authenticator;use Saloon\Http\Auth\AccessTokenAuthenticator;use Saloon\Http\Auth\HeaderAuthenticator;use Saloon\Http\OAuth2\GetRefreshTokenRequest;use Saloon\Http\PendingRequest;
class AmazonAuthenticator implements Authenticator{ private ?string $accessToken = null; private ?string $restrictedDataToken = null; private array $rdtResources = [];
private AmazonConnector $connector;
public function __construct(private AmazonIntegrationInstance $integrationInstance) { $this->connector = new AmazonConnector($this->integrationInstance); }
public function set(PendingRequest $pendingRequest): void { $url = $pendingRequest->getUrl(); if (str_ends_with($url, '/token')) { $pendingRequest->headers()->merge([ 'Content-Type' => 'application/x-www-form-urlencoded', ]); $pendingRequest->headers()->remove('Authorization'); return; }
$this->handleTokenRequest($pendingRequest);
if ($this->restrictedDataToken) { $this->authenticateUsingRestrictedDataToken($pendingRequest); } else { $this->authenticateUsingAccessToken($pendingRequest); }
}
private function handleTokenRequest(PendingRequest $pendingRequest): void { if ($pendingRequest->getRequest() instanceof GetRefreshTokenRequest) { return; }
if ($this->integrationInstance->authenticator) { $authenticator = AccessTokenAuthenticator::unserialize($this->integrationInstance->authenticator); $this->accessToken = $authenticator->getAccessToken(); if ($authenticator->hasExpired()) { try { $authenticator = $this->connector->refreshAccessToken($authenticator); if (!$authenticator || !$authenticator->getAccessToken()) { throw new Exception('Failed to refresh access token'); }
$this->integrationInstance->authenticator = $authenticator->serialize(); $this->integrationInstance->save();
$authenticator = AccessTokenAuthenticator::unserialize($this->integrationInstance->authenticator); $this->accessToken = $authenticator->getAccessToken(); } catch (Exception $e) { return; } } } }
private function authenticateUsingAccessToken(PendingRequest $pendingRequest): void { $currentDateTime = new DateTime('UTC'); $reqDateTime = $currentDateTime->format('Ymd\THis\Z');
$pendingRequest->headers()->remove('Authorization'); $pendingRequest->headers()->add('x-amz-date', $reqDateTime); $pendingRequest->authenticate(new HeaderAuthenticator($this->accessToken, 'x-amz-access-token')); }
private function authenticateUsingRestrictedDataToken(PendingRequest $pendingRequest): void { $currentDateTime = new DateTime('UTC'); $reqDateTime = $currentDateTime->format('Ymd\THis\Z');
$pendingRequest->headers()->add('x-amz-date', $reqDateTime); $pendingRequest->authenticate(new HeaderAuthenticator($this->restrictedDataToken, 'x-amz-access-token')); }}
I hope this will help. Thanks