Authenticators should extend TokenReceiver.php directly

php/src/vaas/Authentication/AuthenticatorInterface.php

@@ -6,5 +6,5 @@
 
 interface AuthenticatorInterface
 {
-    public function getTokenAsync(?Cancellation $cancellation = null): string;
+    public function getToken(?Cancellation $cancellation = null): string;
 }

php/src/vaas/Authentication/ClientCredentialsGrantAuthenticator.php

@@ -5,20 +5,23 @@
 use Amp\Cancellation;
 use Amp\Http\Client\HttpClient;
 
-class ClientCredentialsGrantAuthenticator implements AuthenticatorInterface
+class ClientCredentialsGrantAuthenticator extends TokenReceiver implements AuthenticatorInterface
 {
-    private TokenReceiver $tokenReceiver;
-
+    private readonly string $clientId;
+    private readonly string $clientSecret;
+
     /**
      * The authenticator for the client credentials grant type if you have a client id and client secret.
      * @param string $clientId The client id
      * @param string $clientSecret The client secret
      * @param string|null $tokenUrl The optional token url. Defaults to 'https://account.gdata.de/realms/vaas-production/protocol/openid-connect/token'
      * @param HttpClient|null $httpClient Your optional custom http client.
      */
-    public function __construct(public string $clientId, public string $clientSecret, ?string $tokenUrl = null, ?HttpClient $httpClient = null)
+    public function __construct(string $clientId, string $clientSecret, ?string $tokenUrl = null, ?HttpClient $httpClient = null)
     {
-        $this->tokenReceiver = new ClientCredentialsTokenReceiver($this, $tokenUrl, $httpClient);
+        parent::__construct($tokenUrl, $httpClient);
+        $this->clientId = $clientId;
+        $this->clientSecret = $clientSecret;
     }
 
     /**
@@ -28,8 +31,17 @@ public function __construct(public string $clientId, public string $clientSecret
      * @param Cancellation|null $cancellation Cancellation token
      * @return string The access token string
      */
-    public function getTokenAsync(?Cancellation $cancellation = null): string
+    public function getToken(Cancellation $cancellation = null): string
+    {
+        return parent::getTokenAsync($cancellation)->await($cancellation);
+    }
+
+    protected function tokenRequestToForm(): string
     {
-        return $this->tokenReceiver->getTokenAsync($cancellation)->await();
+        return http_build_query([
+            'client_id' => $this->clientId,
+            'client_secret' => $this->clientSecret,
+            'grant_type' => 'client_credentials',
+        ]);
     }
 }

php/src/vaas/Authentication/ResourceOwnerPasswordGrantAuthenticator.php

@@ -5,9 +5,11 @@
 use Amp\Cancellation;
 use Amp\Http\Client\HttpClient;
 
-class ResourceOwnerPasswordGrantAuthenticator implements AuthenticatorInterface
+class ResourceOwnerPasswordGrantAuthenticator extends TokenReceiver implements AuthenticatorInterface
 {
-    private TokenReceiver $tokenReceiver;
+    private readonly string $clientId;
+    private readonly string $userName;
+    private readonly string $password;
 
     /**
      * The authenticator for the resource owner password grant type if you have a client id, username and password.
@@ -18,9 +20,12 @@ class ResourceOwnerPasswordGrantAuthenticator implements AuthenticatorInterface
      * @param string|null $tokenUrl The optional token url. Defaults to 'https://account.gdata.de/realms/vaas-production/protocol/openid-connect/token'
      * @param HttpClient|null $httpClient Your optional custom http client.
      */
-    public function __construct(public string $clientId, public string $userName, public string $password, ?string $tokenUrl = null, ?HttpClient $httpClient = null)
+    public function __construct(string $clientId, string $userName, string $password, ?string $tokenUrl = null, ?HttpClient $httpClient = null)
     {
-        $this->tokenReceiver = new ResourceOwnerPasswordTokenReceiver($this, $tokenUrl, $httpClient);
+        parent::__construct($tokenUrl, $httpClient);
+        $this->clientId = $clientId;
+        $this->userName = $userName;
+        $this->password = $password;
     }
 
     /**
@@ -30,8 +35,18 @@ public function __construct(public string $clientId, public string $userName, pu
      * @param Cancellation|null $cancellation Cancellation token
      * @return string The access token string
      */
-    public function getTokenAsync(?Cancellation $cancellation = null): string
+    public function getToken(Cancellation $cancellation = null): string
     {
-        return $this->tokenReceiver->getTokenAsync($cancellation)->await();
+        return parent::getTokenAsync($cancellation)->await($cancellation);
+    }
+
+    protected function tokenRequestToForm(): string
+    {
+        return http_build_query([
+            'client_id' => $this->clientId,
+            'username' => $this->userName,
+            'password' => $this->password,
+            'grant_type' => 'password',
+        ]);
     }
 }

php/src/vaas/Authentication/TokenReceiver.php

@@ -22,7 +22,6 @@ abstract class TokenReceiver
     private ?int $lastRequestTime = null;
 
     public function __construct(
-        public AuthenticatorInterface $authenticator,
         public ?string $tokenUrl = null,
         public ?HttpClient $httpClient = null)
     {

php/src/vaas/Vaas.php

@@ -324,7 +324,7 @@ private function addRequestHeadersAsync(Request $request, ?string $requestId = '
     {
         return async(function () use ($request, $requestId) {
             $this->logger->debug("Add request headers");
-            $request->setHeader('Authorization', 'Bearer ' . $this->authenticator->getTokenAsync());
+            $request->setHeader('Authorization', 'Bearer ' . $this->authenticator->getToken());
             $this->logger->debug("Successfully added authorization header with bearer token");
             $request->setHeader('User-Agent', sprintf('%s/%s', self::PRODUCT_NAME, self::PRODUCT_VERSION));
             if (!empty($requestId)) {

php/tests/VaasTesting/AuthenticatorTest.php

@@ -56,7 +56,7 @@ public function testClientCredentialsGrantAuthenticator_withInvalidCredentials_T
             clientSecret: "invalid"
         );
 
-        $authenticator->getTokenAsync();
+        $authenticator->getToken();
     }
 
     public function testResourceOwnerPasswordGrantAuthenticator_withInvalidCredentials_ThrowsAccessDeniedException(): void
@@ -68,7 +68,7 @@ public function testResourceOwnerPasswordGrantAuthenticator_withInvalidCredentia
             password: "invalid"
         );
 
-        $authenticator->getTokenAsync();
+        $authenticator->getToken();
     }
 
     public function testClientCredentialsGrantAuthenticator_withValidCredentials_ReturnsToken(): void
@@ -79,7 +79,7 @@ public function testClientCredentialsGrantAuthenticator_withValidCredentials_Ret
             tokenUrl: $_ENV["TOKEN_URL"]
         );
 
-        $token = $authenticator->getTokenAsync();
+        $token = $authenticator->getToken();
 
         $this->assertNotNull($token);
     }
@@ -93,7 +93,7 @@ public function testResourceOwnerPasswordGrantAuthenticator_withValidCredentials
             tokenUrl: $_ENV["TOKEN_URL"]
         );
 
-        $token = $authenticator->getTokenAsync();
+        $token = $authenticator->getToken();
 
         $this->assertNotNull($token);
     }