Merge pull request #107 from ydb-platform/create-private-refresh-ratio-token-parametr

ilyakharev · web-flow · commit 46deaa0cba00 · 2023-08-22T16:15:50.000+03:00
Created refresh token ratio parameter
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,5 @@
+* created refresh token ratio parameter
+
 ## 1.9.0
 
 * added microseconds in Timestamp type
diff --git a/src/Auth/Auth.php b/src/Auth/Auth.php
@@ -13,6 +13,8 @@ public abstract function getName(): string;
 
     protected $logger;
 
+    protected $refreshTokenRatio;
+
     public function logger(){
         return $this->logger;
     }
@@ -21,6 +23,25 @@ public function setLogger($logger){
         $this->logger = $logger;
     }
 
+    /**
+     * @return float
+     */
+    public function getRefreshTokenRatio(): float
+    {
+        return $this->refreshTokenRatio;
+    }
+
+    /**
+     * @param float $refreshTokenRatio
+     */
+    public function setRefreshTokenRatio($refreshTokenRatio): void
+    {
+        if($refreshTokenRatio<=0||$refreshTokenRatio>=1){
+            throw new \Exception("Refresh token ratio. Expected number between 0 and 1.");
+        }
+        $this->refreshTokenRatio = $refreshTokenRatio;
+    }
+
     /**
      * @param string $expiresAt
      * @return int
diff --git a/src/Auth/Implement/AccessTokenAuthentication.php b/src/Auth/Implement/AccessTokenAuthentication.php
@@ -18,7 +18,7 @@ public function __construct(string $access_token)
 
     public function getTokenInfo(): TokenInfo
     {
-        return new TokenInfo($this->access_token, time()+24*60*60);
+        return new TokenInfo($this->access_token, time()+24*60*60, $this->refreshTokenRatio);
     }
 
     public function getName(): string
diff --git a/src/Auth/Implement/AnonymousAuthentication.php b/src/Auth/Implement/AnonymousAuthentication.php
@@ -13,7 +13,7 @@ public function __construct()
 
     public function getTokenInfo(): TokenInfo
     {
-        return new TokenInfo("", time()+24*3600);
+        return new TokenInfo("", time()+24*3600, $this->refreshTokenRatio);
     }
 
     public function getName(): string
diff --git a/src/Auth/Implement/JwtWithJsonAuthentication.php b/src/Auth/Implement/JwtWithJsonAuthentication.php
@@ -35,7 +35,7 @@ public function getTokenInfo(): TokenInfo
             'jwt' => $jwt_token,
         ];
         $token = $this->requestToken($request_data);
-        return new TokenInfo($token->iamToken, $this->convertExpiresAt($token->expiresAt));
+        return new TokenInfo($token->iamToken, $this->convertExpiresAt($token->expiresAt), $this->refreshTokenRatio);
     }
 
     public function getName(): string
diff --git a/src/Auth/Implement/JwtWithPrivateKeyAuthentication.php b/src/Auth/Implement/JwtWithPrivateKeyAuthentication.php
@@ -29,7 +29,7 @@ public function getTokenInfo(): TokenInfo
             'jwt' => $jwt_token,
         ];
         $token = $this->requestToken($request_data);
-        return new TokenInfo($token->iamToken, $this->convertExpiresAt($token->expiresAt));
+        return new TokenInfo($token->iamToken, $this->convertExpiresAt($token->expiresAt), $this->refreshTokenRatio);
     }
 
     public function getName(): string
diff --git a/src/Auth/Implement/MetadataAuthentication.php b/src/Auth/Implement/MetadataAuthentication.php
@@ -12,7 +12,7 @@ class MetadataAuthentication extends \YdbPlatform\Ydb\Auth\Auth
     public function getTokenInfo(): TokenInfo
     {
         $token = $this->requestTokenFromMetadata();
-        return new TokenInfo($token->iamToken, $this->convertExpiresAt($token->expiresAt));
+        return new TokenInfo($token->iamToken, $this->convertExpiresAt($token->expiresAt), $this->refreshTokenRatio);
     }
 
     public function getName(): string
diff --git a/src/Auth/Implement/OAuthTokenAuthentication.php b/src/Auth/Implement/OAuthTokenAuthentication.php
@@ -22,7 +22,7 @@ public function getTokenInfo(): TokenInfo
             'yandexPassportOauthToken' => $this->oauth_token,
         ];
         $token = $this->requestToken($request_data);
-        return new TokenInfo($token->iamToken, $this->convertExpiresAt($token->expiresAt));
+        return new TokenInfo($token->iamToken, $this->convertExpiresAt($token->expiresAt), $this->refreshTokenRatio);
     }
 
     public function getName(): string
diff --git a/src/Auth/TokenInfo.php b/src/Auth/TokenInfo.php
@@ -4,7 +4,6 @@
 
 class TokenInfo
 {
-    const _PRIVATE_REFRESH_RATIO = 0.1;
     /**
      * @var string
      */
@@ -16,11 +15,11 @@ class TokenInfo
 
     private $refreshAt;
 
-    public function __construct(string $token, int $expiresAt)
+    public function __construct(string $token, int $expiresAt, float $refreshRatio = 0.1)
     {
         $this->token = $token;
         $this->expiresAt = $expiresAt;
-        $this->refreshAt = time() + round(TokenInfo::_PRIVATE_REFRESH_RATIO*($this->expiresAt-time()),0);
+        $this->refreshAt = time() + round($refreshRatio*($this->expiresAt-time()),0);
     }
 
     /**
diff --git a/src/Iam.php b/src/Iam.php
@@ -10,6 +10,7 @@
 use YdbPlatform\Ydb\Auth\Implement\AnonymousAuthentication;
 use YdbPlatform\Ydb\Auth\Implement\JwtWithJsonAuthentication;
 use YdbPlatform\Ydb\Auth\Implement\JwtWithPrivateKeyAuthentication;
+use YdbPlatform\Ydb\Auth\Implement\MetadataAuthentication;
 use YdbPlatform\Ydb\Auth\Implement\OAuthTokenAuthentication;
 use YdbPlatform\Ydb\Contracts\IamTokenContract;
 
@@ -153,6 +154,10 @@ protected function parseConfig(array $config)
             $parsedConfig["credentials"] = $config["credentials"];
         }
 
+        if (isset($config["refresh_token_ratio"])){
+            $parsedConfig["refresh_token_ratio"] = $config["refresh_token_ratio"];
+        }
+
         foreach ($stringParams as $param)
         {
             $parsedConfig[$param] = (string)($config[$param] ?? '');
@@ -197,6 +202,8 @@ protected function initConfig()
         else if ($this->config('use_metadata'))
         {
             $this->logger()->info('YDB: Authentication method: Metadata URL');
+            $this->config['credentials'] = new MetadataAuthentication();
+            $this->config['credentials']->setLogger($this->logger());
         }
         else if ($serviceFile = $this->config('service_file'))
         {
@@ -237,6 +244,10 @@ protected function initConfig()
             $this->config['credentials'] = new OAuthTokenAuthentication($oauthToken);
             $this->config['credentials']->setLogger($this->logger());
         }
+
+        if ($this->config('credentials') !== null){
+            $this->config['credentials']->setRefreshTokenRatio($this->config('refresh_token_ratio', 0.1));
+        }
         else
         {
             throw new Exception('No authentication method is used.');
diff --git a/tests/CheckRefreshTokenRatioTest.php b/tests/CheckRefreshTokenRatioTest.php
@@ -0,0 +1,56 @@
+<?php
+
+namespace YdbPlatform\Ydb\Test;
+
+use PHPUnit\Framework\TestCase;
+use YdbPlatform\Ydb\Exception;
+use YdbPlatform\Ydb\Ydb;
+use YdbPlatform\Ydb\YdbTable;
+
+class CheckRefreshTokenRatioTest extends TestCase
+{
+    public function testAnonymousConnection()
+    {
+        $awaitException = [0, 1];
+        $awaitNormal = [0.05, 0.9];
+        $config = [
+
+            // Database path
+            'database' => '/local',
+
+            // Database endpoint
+            'endpoint' => 'localhost:2136',
+
+            // Auto discovery (dedicated server only)
+            'discovery' => false,
+
+            // IAM config
+            'iam_config' => [
+                'anonymous' => true,
+                'insecure' => true
+            ],
+        ];
+
+        $ydb = new Ydb($config);
+        self::assertEquals(0.1,
+            $ydb->iam()->config('credentials')->getRefreshTokenRatio()
+        );
+
+        foreach ($awaitNormal as $ratio){
+            $config['iam_config']['refresh_token_ratio'] = $ratio;
+            $ydb = new Ydb($config);
+            self::assertEquals($ratio,
+                $ydb->iam()->config('credentials')->getRefreshTokenRatio()
+            );
+        }
+
+        foreach ($awaitException as $ratio) {
+            $config['iam_config']['refresh_token_ratio'] = $ratio;
+            $this->expectExceptionObject(new \Exception("Refresh token ratio. Expected number between 0 and 1."));
+
+            $ydb = new Ydb($config);
+            $ydb->iam()->config('credentials')->getRefreshTokenRatio();
+        }
+
+    }
+}
diff --git a/tests/RefreshTokenTest.php b/tests/RefreshTokenTest.php
@@ -88,7 +88,7 @@ public function test(){
             MetaGetter::getMeta($session)["x-ydb-auth-ticket"][0]
         );
         // Check that sdk used old token when failed refreshing
-        usleep(TokenInfo::_PRIVATE_REFRESH_RATIO*$TOKEN_LIVE_TIME*1000*1000); // waiting 10% from token live time
+        usleep($ydb->iam()->config('credentials')->getRefreshTokenRatio()*$TOKEN_LIVE_TIME*1000*1000); // waiting 10% from token live time
         $session->query('select 1 as res');
         self::assertEquals(
             2,

Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,5 @@`
	`1`	`+* created refresh token ratio parameter`
	`2`	`+`
`1`	`3`	`## 1.9.0`
`2`	`4`
`3`	`5`	`* added microseconds in Timestamp type`
Original file line number	Diff line number	Diff line change
`@@ -18,7 +18,7 @@ public function __construct(string $access_token)`
`18`	`18`
`19`	`19`	`public function getTokenInfo(): TokenInfo`
`20`	`20`	`{`
`21`		`- return new TokenInfo($this->access_token, time()+246060);`
	`21`	`+ return new TokenInfo($this->access_token, time()+246060, $this->refreshTokenRatio);`
`22`	`22`	`}`
`23`	`23`
`24`	`24`	`public function getName(): string`
Original file line number	Diff line number	Diff line change
`@@ -13,7 +13,7 @@ public function __construct()`
`13`	`13`
`14`	`14`	`public function getTokenInfo(): TokenInfo`
`15`	`15`	`{`
`16`		`- return new TokenInfo("", time()+24*3600);`
	`16`	`+ return new TokenInfo("", time()+24*3600, $this->refreshTokenRatio);`
`17`	`17`	`}`
`18`	`18`
`19`	`19`	`public function getName(): string`
Original file line number	Diff line number	Diff line change
`@@ -35,7 +35,7 @@ public function getTokenInfo(): TokenInfo`
`35`	`35`	`'jwt' => $jwt_token,`
`36`	`36`	`];`
`37`	`37`	`$token = $this->requestToken($request_data);`
`38`		`- return new TokenInfo($token->iamToken, $this->convertExpiresAt($token->expiresAt));`
	`38`	`+ return new TokenInfo($token->iamToken, $this->convertExpiresAt($token->expiresAt), $this->refreshTokenRatio);`
`39`	`39`	`}`
`40`	`40`
`41`	`41`	`public function getName(): string`
Original file line number	Diff line number	Diff line change
`@@ -29,7 +29,7 @@ public function getTokenInfo(): TokenInfo`
`29`	`29`	`'jwt' => $jwt_token,`
`30`	`30`	`];`
`31`	`31`	`$token = $this->requestToken($request_data);`
`32`		`- return new TokenInfo($token->iamToken, $this->convertExpiresAt($token->expiresAt));`
	`32`	`+ return new TokenInfo($token->iamToken, $this->convertExpiresAt($token->expiresAt), $this->refreshTokenRatio);`
`33`	`33`	`}`
`34`	`34`
`35`	`35`	`public function getName(): string`
Original file line number	Diff line number	Diff line change
`@@ -12,7 +12,7 @@ class MetadataAuthentication extends \YdbPlatform\Ydb\Auth\Auth`
`12`	`12`	`public function getTokenInfo(): TokenInfo`
`13`	`13`	`{`
`14`	`14`	`$token = $this->requestTokenFromMetadata();`
`15`		`- return new TokenInfo($token->iamToken, $this->convertExpiresAt($token->expiresAt));`
	`15`	`+ return new TokenInfo($token->iamToken, $this->convertExpiresAt($token->expiresAt), $this->refreshTokenRatio);`
`16`	`16`	`}`
`17`	`17`
`18`	`18`	`public function getName(): string`
Original file line number	Diff line number	Diff line change
`@@ -22,7 +22,7 @@ public function getTokenInfo(): TokenInfo`
`22`	`22`	`'yandexPassportOauthToken' => $this->oauth_token,`
`23`	`23`	`];`
`24`	`24`	`$token = $this->requestToken($request_data);`
`25`		`- return new TokenInfo($token->iamToken, $this->convertExpiresAt($token->expiresAt));`
	`25`	`+ return new TokenInfo($token->iamToken, $this->convertExpiresAt($token->expiresAt), $this->refreshTokenRatio);`
`26`	`26`	`}`
`27`	`27`
`28`	`28`	`public function getName(): string`
Original file line number	Diff line number	Diff line change
`@@ -4,7 +4,6 @@`
`4`	`4`
`5`	`5`	`class TokenInfo`
`6`	`6`	`{`
`7`		`- const _PRIVATE_REFRESH_RATIO = 0.1;`
`8`	`7`	`/**`
`9`	`8`	`* @var string`
`10`	`9`	`*/`
`@@ -16,11 +15,11 @@ class TokenInfo`
`16`	`15`
`17`	`16`	`private $refreshAt;`
`18`	`17`
`19`		`- public function __construct(string $token, int $expiresAt)`
	`18`	`+ public function __construct(string $token, int $expiresAt, float $refreshRatio = 0.1)`
`20`	`19`	`{`
`21`	`20`	`$this->token = $token;`
`22`	`21`	`$this->expiresAt = $expiresAt;`
`23`		`- $this->refreshAt = time() + round(TokenInfo::_PRIVATE_REFRESH_RATIO*($this->expiresAt-time()),0);`
	`22`	`+ $this->refreshAt = time() + round($refreshRatio*($this->expiresAt-time()),0);`
`24`	`23`	`}`
`25`	`24`
`26`	`25`	`/**`
Original file line number	Diff line number	Diff line change
`@@ -10,6 +10,7 @@`
`10`	`10`	`use YdbPlatform\Ydb\Auth\Implement\AnonymousAuthentication;`
`11`	`11`	`use YdbPlatform\Ydb\Auth\Implement\JwtWithJsonAuthentication;`
`12`	`12`	`use YdbPlatform\Ydb\Auth\Implement\JwtWithPrivateKeyAuthentication;`
	`13`	`+use YdbPlatform\Ydb\Auth\Implement\MetadataAuthentication;`
`13`	`14`	`use YdbPlatform\Ydb\Auth\Implement\OAuthTokenAuthentication;`
`14`	`15`	`use YdbPlatform\Ydb\Contracts\IamTokenContract;`
`15`	`16`
`@@ -153,6 +154,10 @@ protected function parseConfig(array $config)`
`153`	`154`	`$parsedConfig["credentials"] = $config["credentials"];`
`154`	`155`	`}`
`155`	`156`
	`157`	`+ if (isset($config["refresh_token_ratio"])){`
	`158`	`+ $parsedConfig["refresh_token_ratio"] = $config["refresh_token_ratio"];`
	`159`	`+ }`
	`160`	`+`
`156`	`161`	`foreach ($stringParams as $param)`
`157`	`162`	`{`
`158`	`163`	`$parsedConfig[$param] = (string)($config[$param] ?? '');`
`@@ -197,6 +202,8 @@ protected function initConfig()`
`197`	`202`	`else if ($this->config('use_metadata'))`
`198`	`203`	`{`
`199`	`204`	`$this->logger()->info('YDB: Authentication method: Metadata URL');`
	`205`	`+ $this->config['credentials'] = new MetadataAuthentication();`
	`206`	`+ $this->config['credentials']->setLogger($this->logger());`
`200`	`207`	`}`
`201`	`208`	`else if ($serviceFile = $this->config('service_file'))`
`202`	`209`	`{`
`@@ -237,6 +244,10 @@ protected function initConfig()`
`237`	`244`	`$this->config['credentials'] = new OAuthTokenAuthentication($oauthToken);`
`238`	`245`	`$this->config['credentials']->setLogger($this->logger());`
`239`	`246`	`}`
	`247`	`+`
	`248`	`+ if ($this->config('credentials') !== null){`
	`249`	`+ $this->config['credentials']->setRefreshTokenRatio($this->config('refresh_token_ratio', 0.1));`
	`250`	`+ }`
`240`	`251`	`else`
`241`	`252`	`{`
`242`	`253`	`throw new Exception('No authentication method is used.');`