koel/app/Values/CompositeToken.php

39 lines
1 KiB
PHP
Raw Normal View History

2022-11-16 17:57:38 +00:00
<?php
namespace App\Values;
2022-11-16 17:57:38 +00:00
2023-08-20 22:35:58 +00:00
use Illuminate\Contracts\Support\Arrayable;
2022-11-16 17:57:38 +00:00
use Laravel\Sanctum\NewAccessToken;
/**
* A "composite token" consists of two tokens:
2022-11-16 17:57:38 +00:00
*
* - an API token, which has all abilities
* - an audio token, which has only the "audio" ability i.e. to play and download audio files. This token is used for
* the audio player on the frontend as part of the GET query string, and thus has limited privileges.
*
* This approach helps prevent the API token from being logged by servers and proxies.
*/
final class CompositeToken implements Arrayable
2022-11-16 17:57:38 +00:00
{
private function __construct(public string $apiToken, public string $audioToken)
{
}
public static function fromAccessTokens(NewAccessToken $api, NewAccessToken $audio): self
{
return new self($api->plainTextToken, $audio->plainTextToken);
}
2023-08-20 22:35:58 +00:00
2023-08-23 21:21:20 +00:00
/**
* @return array<string, string>
*/
2023-08-20 22:35:58 +00:00
public function toArray(): array
{
return [
'token' => $this->apiToken,
'audio-token' => $this->audioToken,
];
}
2022-11-16 17:57:38 +00:00
}