fix: #225: revert autoconfiguration of League\OAuth2\Server\Grant\GrantTypeInterface

Author: TLG-Gildas

docs/implementing-custom-grant-type.md

@@ -43,9 +43,7 @@
     ```
 
 1. In order to enable the new grant type in the authorization server you must register the service in the container.
-`\League\OAuth2\Server\Grant\GrantTypeInterface` is registered for autoconfiguration
-
-    - but you can manually declare the service with the `league.oauth2_server.authorization_server.grant` tag:
+And the service must be tagged with the `league.oauth2_server.authorization_server.grant` tag:
 
     ```yaml
     services:
@@ -55,24 +53,7 @@
           - {name: league.oauth2_server.authorization_server.grant}
     ```
 
-   - If you prefer php configuration, you could use `AutoconfigureTag` symfony attribute for the same result :
-
-    ```php
-   <?php
-   ...
-
-   use Symfony\Component\DependencyInjection\Attribute\AutoconfigureTag;
-
-   #[AutoconfigureTag(name: 'league.oauth2_server.authorization_server.grant')]
-   final class FakeGrant extends AbstractGrant implements GrantTypeInterface
-   {
-       ...
-   }
-    ```
-
-1. In order to defined access token TTL for your custom grant, you could:
-
-    - define a custom access token TTL for your grant using `accessTokenTTL` tag attribute :
+    You could define a custom access token TTL for your grant using `accessTokenTTL` tag attribute :
 
     ```yaml
     services:
@@ -82,7 +63,7 @@
           - {name: league.oauth2_server.authorization_server.grant, accessTokenTTL: PT5H}
     ```
 
-    - or via `AutoconfigureTag` :
+    If you prefer php configuration, you could use `AutoconfigureTag` symfony attribute for the same result :
 
     ```php
    <?php
@@ -97,22 +78,7 @@
    }
     ```
 
-    - and last option is usage of `\League\Bundle\OAuth2ServerBundle\Attribute\WithAccessTokenTTL` attribute (note: service must be registered with correct tag before, this is already done if autoconfiguration is activated):
-
-    ```php
-   <?php
-   ...
-
-   use League\Bundle\OAuth2ServerBundle\Attribute\WithAccessTokenTTL;
-
-   #[WithAccessTokenTTL(accessTokenTTL: 'PT5H')]
-   final class FakeGrant extends AbstractGrant implements GrantTypeInterface
-   {
-       ...
-   }
-    ```
-
-    For all of these options, if `accessTokenTTL` is not defined, then bundle config is used `league_oauth2_server.authorization_server.access_token_ttl` (same as `league.oauth2_server.access_token_ttl.default` service container parameter). \
+    If `accessTokenTTL` tag attribute is not defined, then bundle config is used `league_oauth2_server.authorization_server.access_token_ttl` (same as `league.oauth2_server.access_token_ttl.default` service container parameter). \
     `null` is considered as defined, to allow to unset ttl. \
    `league_oauth2_server.authorization_server.refresh_token_ttl` is also accessible for your implementation using `league.oauth2_server.refresh_token_ttl.default` service container parameter.
 

src/Attribute/WithAccessTokenTTL.php

@@ -4,7 +4,6 @@
 
 namespace League\Bundle\OAuth2ServerBundle\DependencyInjection\CompilerPass;
 
-use League\Bundle\OAuth2ServerBundle\Attribute\WithAccessTokenTTL;
 use League\Bundle\OAuth2ServerBundle\AuthorizationServer\GrantTypeInterface;
 use League\OAuth2\Server\AuthorizationServer;
 use Symfony\Component\DependencyInjection\Compiler\CompilerPassInterface;
@@ -28,48 +27,36 @@ public function process(ContainerBuilder $container): void
 
         // enable grant type for each
         foreach ($taggedServices as $id => $tags) {
-            // we only use the first tag
-            // this allow to override autoregistration of interface to be able to set accessTokenTTL
-            // since autoregistered tag are defined in last
-            $attributes = array_shift($tags);
-
+            // skip of custom grant using \League\Bundle\OAuth2ServerBundle\AuthorizationServer\GrantTypeInterface
+            // since there are handled by \League\Bundle\OAuth2ServerBundle\AuthorizationServer\GrantConfigurator
+            // TODO remove code bloc when bundle interface and configurator will be deleted
             try {
                 $grantDefinition = $container->findDefinition($id);
                 /** @var class-string|null $grantClass */
                 $grantClass = $grantDefinition->getClass();
                 if (null !== $grantClass) {
                     $refGrantClass = new \ReflectionClass($grantClass);
-
-                    // skip of custom grant using \League\Bundle\OAuth2ServerBundle\AuthorizationServer\GrantTypeInterface
-                    // since there are handled by \League\Bundle\OAuth2ServerBundle\AuthorizationServer\GrantConfigurator
-                    // TODO remove code bloc when bundle interface and configurator will be deleted
                     if ($refGrantClass->implementsInterface(GrantTypeInterface::class)) {
                         continue;
                     }
-
-                    // read of accessTokenTTL from WithAccessTokenTTL attribute
-                    $withAccessTokenTTLAttributes = $refGrantClass->getAttributes(WithAccessTokenTTL::class);
-                    if (\count($withAccessTokenTTLAttributes) > 0) {
-                        // we only use first attribute, because WithAccessTokenTTL is not repeatable
-                        $withAccessTokenTTLAttributeArguments = array_shift($withAccessTokenTTLAttributes)->getArguments();
-                        $attributes['accessTokenTTL'] = array_shift($withAccessTokenTTLAttributeArguments);
-                    }
                 }
             } catch (\ReflectionException) {
-                // handling of this service as native one or without attribute
+                // handling of this service as native one
             }
 
-            // use WithAccessTokenTTL value then accessTokenTTL tag attribute if exists, otherwise use global bundle config
-            $accessTokenTTLValue = \array_key_exists('accessTokenTTL', $attributes)
-                ? $attributes['accessTokenTTL']
-                : $container->getParameter('league.oauth2_server.access_token_ttl.default');
-
-            $definition->addMethodCall('enableGrantType', [
-                new Reference($id),
-                (\is_string($accessTokenTTLValue))
-                    ? new Definition(\DateInterval::class, [$accessTokenTTLValue])
-                    : $accessTokenTTLValue,
-            ]);
+            foreach ($tags as $attributes) {
+                // use accessTokenTTL tag attribute if exists, otherwise use global bundle config
+                $accessTokenTTLValue = \array_key_exists('accessTokenTTL', $attributes)
+                    ? $attributes['accessTokenTTL']
+                    : $container->getParameter('league.oauth2_server.access_token_ttl.default');
+
+                $definition->addMethodCall('enableGrantType', [
+                    new Reference($id),
+                    (\is_string($accessTokenTTLValue))
+                        ? new Definition(\DateInterval::class, [$accessTokenTTLValue])
+                        : $accessTokenTTLValue,
+                ]);
+            }
         }
     }
 }

src/DependencyInjection/CompilerPass/GrantTypePass.php

@@ -31,7 +31,6 @@
 use League\OAuth2\Server\CryptKey;
 use League\OAuth2\Server\Grant\AuthCodeGrant;
 use League\OAuth2\Server\Grant\ClientCredentialsGrant;
-use League\OAuth2\Server\Grant\GrantTypeInterface as LeagueGrantTypeInterface;
 use League\OAuth2\Server\Grant\ImplicitGrant;
 use League\OAuth2\Server\Grant\PasswordGrant;
 use League\OAuth2\Server\Grant\RefreshTokenGrant;
@@ -70,9 +69,6 @@ public function load(array $configs, ContainerBuilder $container)
         $container->findDefinition(OAuth2Authenticator::class)
             ->setArgument(3, $config['role_prefix']);
 
-        $container->registerForAutoconfiguration(LeagueGrantTypeInterface::class)
-            ->addTag('league.oauth2_server.authorization_server.grant');
-
         // TODO remove code bloc when bundle interface and configurator will be deleted
         $container->registerForAutoconfiguration(GrantTypeInterface::class)
             ->addTag('league.oauth2_server.authorization_server.grant');

src/DependencyInjection/LeagueOAuth2ServerExtension.php

@@ -6,10 +6,7 @@
 
 use League\Bundle\OAuth2ServerBundle\Tests\Fixtures\FakeGrant;
 use League\Bundle\OAuth2ServerBundle\Tests\Fixtures\FakeGrantNullAccessTokenTTL;
-use League\Bundle\OAuth2ServerBundle\Tests\Fixtures\FakeGrantNullAccessTokenTTLWithAttribute;
 use League\Bundle\OAuth2ServerBundle\Tests\Fixtures\FakeGrantUndefinedAccessTokenTTL;
-use League\Bundle\OAuth2ServerBundle\Tests\Fixtures\FakeGrantUndefinedAccessTokenTTLOnlyAutoconfigured;
-use League\Bundle\OAuth2ServerBundle\Tests\Fixtures\FakeGrantWithAttribute;
 use League\Bundle\OAuth2ServerBundle\Tests\Fixtures\FakeLegacyGrant;
 use League\OAuth2\Server\AuthorizationServer;
 use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase;
@@ -33,14 +30,10 @@ public function testAuthorizationServerHasOurCustomGrantEnabled(): void
         $enabledGrantTypes = $reflectionProperty->getValue($authorizationServer);
         $grantTypeAccessTokenTTL = $reflectionTTLProperty->getValue($authorizationServer);
 
-        $this->assertGrantConfig('fake_grant', new \DateInterval('PT5H'), $enabledGrantTypes, $grantTypeAccessTokenTTL, FakeGrant::class);
+        $this->assertGrantConfig('fake_grant', new \DateInterval('PT3H'), $enabledGrantTypes, $grantTypeAccessTokenTTL, FakeGrant::class);
         $this->assertGrantConfig(FakeGrantNullAccessTokenTTL::class, new \DateInterval('PT1H'), $enabledGrantTypes, $grantTypeAccessTokenTTL);
         $this->assertGrantConfig(FakeGrantUndefinedAccessTokenTTL::class, new \DateInterval('PT2H'), $enabledGrantTypes, $grantTypeAccessTokenTTL);
 
-        $this->assertGrantConfig(FakeGrantWithAttribute::class, new \DateInterval('PT5H'), $enabledGrantTypes, $grantTypeAccessTokenTTL);
-        $this->assertGrantConfig(FakeGrantNullAccessTokenTTLWithAttribute::class, new \DateInterval('PT1H'), $enabledGrantTypes, $grantTypeAccessTokenTTL);
-        $this->assertGrantConfig(FakeGrantUndefinedAccessTokenTTLOnlyAutoconfigured::class, new \DateInterval('PT2H'), $enabledGrantTypes, $grantTypeAccessTokenTTL);
-
         // TODO remove code bloc when bundle interface and configurator will be deleted
         $this->assertGrantConfig('fake_legacy_grant', new \DateInterval('PT5H'), $enabledGrantTypes, $grantTypeAccessTokenTTL, FakeLegacyGrant::class);
     }

tests/Fixtures/FakeGrantNullAccessTokenTTLWithAttribute.php

@@ -16,10 +16,7 @@
 use League\Bundle\OAuth2ServerBundle\Tests\Fixtures\FakeCredentialsRevoker;
 use League\Bundle\OAuth2ServerBundle\Tests\Fixtures\FakeGrant;
 use League\Bundle\OAuth2ServerBundle\Tests\Fixtures\FakeGrantNullAccessTokenTTL;
-use League\Bundle\OAuth2ServerBundle\Tests\Fixtures\FakeGrantNullAccessTokenTTLWithAttribute;
 use League\Bundle\OAuth2ServerBundle\Tests\Fixtures\FakeGrantUndefinedAccessTokenTTL;
-use League\Bundle\OAuth2ServerBundle\Tests\Fixtures\FakeGrantUndefinedAccessTokenTTLOnlyAutoconfigured;
-use League\Bundle\OAuth2ServerBundle\Tests\Fixtures\FakeGrantWithAttribute;
 use League\Bundle\OAuth2ServerBundle\Tests\Fixtures\FakeLegacyGrant;
 use League\Bundle\OAuth2ServerBundle\Tests\Fixtures\FakeRefreshTokenManager;
 use League\Bundle\OAuth2ServerBundle\Tests\Fixtures\FixtureFactory;
@@ -252,21 +249,17 @@ private function configureCustomPersistenceServices(ContainerBuilder $container)
 
     private function registerFakeGrant(ContainerBuilder $container): void
     {
-        $container->register(FakeGrant::class)->setAutoconfigured(true)
-            // tagged twice to test this case, only first one is used
+        $container->register(FakeGrant::class)
+            // tagged twice to test this case, last one win
             ->addTag('league.oauth2_server.authorization_server.grant', ['accessTokenTTL' => 'PT5H'])
             ->addTag('league.oauth2_server.authorization_server.grant', ['accessTokenTTL' => 'PT3H']);
 
-        $container->register(FakeGrantNullAccessTokenTTL::class)->setAutoconfigured(true)
+        $container->register(FakeGrantNullAccessTokenTTL::class)
             ->addTag('league.oauth2_server.authorization_server.grant', ['accessTokenTTL' => null]);
 
-        $container->register(FakeGrantUndefinedAccessTokenTTL::class)->setAutoconfigured(true)
+        $container->register(FakeGrantUndefinedAccessTokenTTL::class)
             ->addTag('league.oauth2_server.authorization_server.grant');
 
-        $container->register(FakeGrantWithAttribute::class)->setAutoconfigured(true);
-        $container->register(FakeGrantNullAccessTokenTTLWithAttribute::class)->setAutoconfigured(true);
-        $container->register(FakeGrantUndefinedAccessTokenTTLOnlyAutoconfigured::class)->setAutoconfigured(true);
-
         // TODO remove line when bundle interface and configurator will be deleted
         $container->register(FakeLegacyGrant::class)->setAutoconfigured(true);
     }