2022-11-16 17:57:38 +00:00
|
|
|
<?php
|
|
|
|
|
2023-08-20 15:24:56 +00:00
|
|
|
namespace App\Values;
|
2022-11-16 17:57:38 +00:00
|
|
|
|
2023-08-20 22:35:58 +00:00
|
|
|
use Illuminate\Contracts\Support\Arrayable;
|
2022-11-16 17:57:38 +00:00
|
|
|
use Laravel\Sanctum\NewAccessToken;
|
|
|
|
|
|
|
|
/**
|
2024-01-09 23:26:16 +00:00
|
|
|
* A "composite token" consists of two tokens:
|
2022-11-16 17:57:38 +00:00
|
|
|
*
|
|
|
|
* - an API token, which has all abilities
|
|
|
|
* - an audio token, which has only the "audio" ability i.e. to play and download audio files. This token is used for
|
|
|
|
* the audio player on the frontend as part of the GET query string, and thus has limited privileges.
|
|
|
|
*
|
|
|
|
* This approach helps prevent the API token from being logged by servers and proxies.
|
|
|
|
*/
|
2024-01-09 23:26:16 +00:00
|
|
|
final class CompositeToken implements Arrayable
|
2022-11-16 17:57:38 +00:00
|
|
|
{
|
|
|
|
private function __construct(public string $apiToken, public string $audioToken)
|
|
|
|
{
|
|
|
|
}
|
|
|
|
|
|
|
|
public static function fromAccessTokens(NewAccessToken $api, NewAccessToken $audio): self
|
|
|
|
{
|
|
|
|
return new self($api->plainTextToken, $audio->plainTextToken);
|
|
|
|
}
|
2023-08-20 22:35:58 +00:00
|
|
|
|
2023-08-23 21:21:20 +00:00
|
|
|
/**
|
|
|
|
* @return array<string, string>
|
|
|
|
*/
|
2023-08-20 22:35:58 +00:00
|
|
|
public function toArray(): array
|
|
|
|
{
|
|
|
|
return [
|
|
|
|
'token' => $this->apiToken,
|
|
|
|
'audio-token' => $this->audioToken,
|
|
|
|
];
|
|
|
|
}
|
2022-11-16 17:57:38 +00:00
|
|
|
}
|