23386290410

Committed 21 Mar 2026 06:48PM UTC coverage: 64.989% (+1.2%) from 63.76%

Build # 23386290410

Build Type

push

github

Committed by

web-flow

Commit Message

Merge pull request #43 from daycry/development

v5.0.0

Coverage Stats

302 of 465 new or added lines in 26 files covered. (64.95%)

19 existing lines in 3 files now uncovered.

3306 of 5087 relevant lines covered (64.99%)

47.04 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/src/Models/AccessTokenRepository.php

<?php

declare(strict_types=1);

/**
 * This file is part of Daycry Auth.
 *
 * (c) Daycry <daycry9@proton.me>
 *
 * For the full copyright and license information, please view
 * the LICENSE file that was distributed with this source code.
 */

namespace Daycry\Auth\Models;

use Daycry\Auth\Authentication\Authenticators\AccessToken;
use Daycry\Auth\Entities\AccessToken as AccessTokenIdentity;
use Daycry\Auth\Entities\User;

/**
 * Repository for personal access token operations.
 *
 * Encapsulates all access token CRUD from UserIdentityModel
 * into a focused, single-responsibility class.
 */
class AccessTokenRepository
{
    public function __construct(
        private readonly UserIdentityModel $identityModel,
    ) {
    }

    /**
     * Generates a new personal access token for the user.
     *
     * @param string       $name   Token name
     * @param list<string> $scopes Permissions the token grants
     */
    public function generateAccessToken(User $user, string $name, array $scopes = ['*']): AccessTokenIdentity
    {
        return $this->identityModel->generateAccessToken($user, $name, $scopes);
    }

    /**
     * Finds an access token by its raw (unhashed) value.
     * Excludes revoked tokens.
     */
    public function getAccessTokenByRawToken(string $rawToken): ?AccessTokenIdentity
    {
        return $this->identityModel->getAccessTokenByRawToken($rawToken);
    }

    /**
     * Finds an access token for a specific user by raw token.
     */
    public function getAccessToken(User $user, string $rawToken): ?AccessTokenIdentity
    {
        return $this->identityModel->getAccessToken($user, $rawToken);
    }

    /**
     * Given the ID, returns the given access token.
     */
    public function getAccessTokenById(int|string $id, User $user): ?AccessTokenIdentity
    {
        return $this->identityModel->getAccessTokenById($id, $user);
    }

    /**
     * Returns all access tokens for a user.
     *
     * @return list<AccessTokenIdentity>
     */
    public function getAllAccessTokens(User $user): array
    {
        return $this->identityModel->getAllAccessToken($user);
    }

    /**
     * Hard-deletes an access token by raw token value.
     *
     * @deprecated Use softRevokeAccessToken() for soft-revocation via revoked_at.
     */
    public function deleteAccessToken(User $user, string $rawToken): void
    {
        $this->identityModel->revokeAccessToken($user, $rawToken);
    }

    /**
     * Hard-deletes an access token by its hashed secret.
     *
     * @deprecated Use softRevokeAccessTokenBySecret() for soft-revocation via revoked_at.
     */
    public function deleteAccessTokenBySecret(User $user, string $secretToken): void
    {
        $this->identityModel->revokeAccessTokenBySecret($user, $secretToken);
    }

    /**
     * Hard-deletes all access tokens for a user.
     *
     * @deprecated Use softRevokeAllAccessTokens() for soft-revocation via revoked_at.
     */
    public function deleteAllAccessTokens(User $user): void
    {
        $this->identityModel->revokeAllAccessToken($user);
    }

    /**
     * Soft-revokes an access token by setting revoked_at (by raw token).
     */
    public function softRevokeAccessToken(User $user, string $rawToken): void
    {
        $token = $this->identityModel->getAccessToken($user, $rawToken);

        if ($token !== null) {
            $this->identityModel->revokeIdentityById((int) $token->id);
        }
    }

    /**
     * Soft-revokes an access token by its hashed secret.
     */
    public function softRevokeAccessTokenBySecret(User $user, string $secretToken): void
    {
        $token = $this->identityModel
            ->where('user_id', $user->id)
            ->where('type', AccessToken::ID_TYPE_ACCESS_TOKEN)
            ->where('secret', $secretToken)
            ->asObject(AccessTokenIdentity::class)
            ->first();

        if ($token !== null) {
            $this->identityModel->revokeIdentityById((int) $token->id);
        }
    }

    /**
     * Soft-revokes all access tokens for a user.
     */
    public function softRevokeAllAccessTokens(User $user): void
    {
        $this->identityModel->revokeIdentitiesByUserAndType(
            (int) $user->id,
            AccessToken::ID_TYPE_ACCESS_TOKEN,
        );
    }
}

1	<?php
2
3	declare(strict_types=1);
4
5	/**
6	* This file is part of Daycry Auth.
7	*
8	* (c) Daycry <daycry9@proton.me>
9	*
10	* For the full copyright and license information, please view
11	* the LICENSE file that was distributed with this source code.
12	*/
13
14	namespace Daycry\Auth\Models;
15
16	use Daycry\Auth\Authentication\Authenticators\AccessToken;
17	use Daycry\Auth\Entities\AccessToken as AccessTokenIdentity;
18	use Daycry\Auth\Entities\User;
19
20	/**
21	* Repository for personal access token operations.
22	*
23	* Encapsulates all access token CRUD from UserIdentityModel
24	* into a focused, single-responsibility class.
25	*/
26	class AccessTokenRepository
27	{
NEW 28	public function __construct(	×
29	private readonly UserIdentityModel $identityModel,
30	) {
NEW 31	}	×
32
33	/**
34	* Generates a new personal access token for the user.
35	*
36	* @param string $name Token name
37	* @param list<string> $scopes Permissions the token grants
38	*/
NEW 39	public function generateAccessToken(User $user, string $name, array $scopes = ['*']): AccessTokenIdentity	×
40	{
NEW 41	return $this->identityModel->generateAccessToken($user, $name, $scopes);	×
42	}
43
44	/**
45	* Finds an access token by its raw (unhashed) value.
46	* Excludes revoked tokens.
47	*/
NEW 48	public function getAccessTokenByRawToken(string $rawToken): ?AccessTokenIdentity	×
49	{
NEW 50	return $this->identityModel->getAccessTokenByRawToken($rawToken);	×
51	}
52
53	/**
54	* Finds an access token for a specific user by raw token.
55	*/
NEW 56	public function getAccessToken(User $user, string $rawToken): ?AccessTokenIdentity	×
57	{
NEW 58	return $this->identityModel->getAccessToken($user, $rawToken);	×
59	}
60
61	/**
62	* Given the ID, returns the given access token.
63	*/
NEW 64	public function getAccessTokenById(int\|string $id, User $user): ?AccessTokenIdentity	×
65	{
NEW 66	return $this->identityModel->getAccessTokenById($id, $user);	×
67	}
68
69	/**
70	* Returns all access tokens for a user.
71	*
72	* @return list<AccessTokenIdentity>
73	*/
NEW 74	public function getAllAccessTokens(User $user): array	×
75	{
NEW 76	return $this->identityModel->getAllAccessToken($user);	×
77	}
78
79	/**
80	* Hard-deletes an access token by raw token value.
81	*
82	* @deprecated Use softRevokeAccessToken() for soft-revocation via revoked_at.
83	*/
NEW 84	public function deleteAccessToken(User $user, string $rawToken): void	×
85	{
NEW 86	$this->identityModel->revokeAccessToken($user, $rawToken);	×
87	}
88
89	/**
90	* Hard-deletes an access token by its hashed secret.
91	*
92	* @deprecated Use softRevokeAccessTokenBySecret() for soft-revocation via revoked_at.
93	*/
NEW 94	public function deleteAccessTokenBySecret(User $user, string $secretToken): void	×
95	{
NEW 96	$this->identityModel->revokeAccessTokenBySecret($user, $secretToken);	×
97	}
98
99	/**
100	* Hard-deletes all access tokens for a user.
101	*
102	* @deprecated Use softRevokeAllAccessTokens() for soft-revocation via revoked_at.
103	*/
NEW 104	public function deleteAllAccessTokens(User $user): void	×
105	{
NEW 106	$this->identityModel->revokeAllAccessToken($user);	×
107	}
108
109	/**
110	* Soft-revokes an access token by setting revoked_at (by raw token).
111	*/
NEW 112	public function softRevokeAccessToken(User $user, string $rawToken): void	×
113	{
NEW 114	$token = $this->identityModel->getAccessToken($user, $rawToken);	×
115
NEW 116	if ($token !== null) {	×
NEW 117	$this->identityModel->revokeIdentityById((int) $token->id);	×
118	}
119	}
120
121	/**
122	* Soft-revokes an access token by its hashed secret.
123	*/
NEW 124	public function softRevokeAccessTokenBySecret(User $user, string $secretToken): void	×
125	{
NEW 126	$token = $this->identityModel	×
NEW 127	->where('user_id', $user->id)	×
NEW 128	->where('type', AccessToken::ID_TYPE_ACCESS_TOKEN)	×
NEW 129	->where('secret', $secretToken)	×
NEW 130	->asObject(AccessTokenIdentity::class)	×
NEW 131	->first();	×
132
NEW 133	if ($token !== null) {	×
NEW 134	$this->identityModel->revokeIdentityById((int) $token->id);	×
135	}
136	}
137
138	/**
139	* Soft-revokes all access tokens for a user.
140	*/
NEW 141	public function softRevokeAllAccessTokens(User $user): void	×
142	{
NEW 143	$this->identityModel->revokeIdentitiesByUserAndType(	×
NEW 144	(int) $user->id,	×
NEW 145	AccessToken::ID_TYPE_ACCESS_TOKEN,	×
NEW 146	);	×
147	}
148	}

daycry / auth / 23386290410

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous