Support multiple connections (#31)

* Support multiple connections

* Store keys in DB

* Remove tests for requests

* Delete old concern

* Upgrade guide

* Default to DB store

* Feedback

Author: VincentBean

README.md

@@ -35,6 +35,12 @@ class Example
             $retrievedOrders[] = $order['increment_id'];
         }
     }
+
+    public function multipleConnections()
+    {
+        $this->magento->connection('connection_one')->get('products/1');
+        $this->magento->connection('connection_two')->get('products/1');
+    }
 }
 
 ```
@@ -68,6 +74,38 @@ Optionally, publish the configuration file of this package.
 php artisan vendor:publish --provider="JustBetter\MagentoClient\ServiceProvider" --tag=config
 ```
 
+## Multiple connections
+
+This package supports connecting to multiple Magento instances.
+In the configuration file you will find an array with the connections where you can configure each connection.
+
+```php
+    'connection' => 'default',
+    'connections' => [
+        'default' => [
+            /* Base URL of Magento, for example: https://magento.test */
+            'base_url' => env('MAGENTO_BASE_URL'),
+
+           // Other settings
+        ],
+        'another_connection' => [
+            'base_url' => env('ANOTHER_MAGENTO_BASE_URL'),
+
+            // Other settings
+        ],
+    ],
+```
+
+The `connection` setting sets which connection is used by default.
+You can switch connections by using the `connection` method on the client.
+
+```php
+/** @var \JustBetter\MagentoClient\Client\Magento $client */
+$client = app(\JustBetter\MagentoClient\Client\Magento::class);
+
+$client->connection('connection_one')->get('products');
+```
+
 ## Authentication
 
 By default, this packages uses Bearer tokens to authenticate to Magento. Since Magento 2.4.4, this method of authentication requires additional configuration in Magento as [described here](https://developer.adobe.com/commerce/webapi/get-started/authentication/gs-authentication-token).
@@ -87,16 +125,22 @@ Note that you can also remove `MAGENTO_ACCESS_TOKEN` at this point, as it will b
 Next, open Magento and create a new integration. When configuring, supply a `Callback URL` and `Identity link URL`. If you have not made any changes to your configuration, these are the URLs:
 
 ```
-Callback URL:      https://example.com/magento/oauth/callback
-Identity link URL: https://example.com/magento/oauth/identity
+Callback URL:      https://example.com/magento/oauth/callback/{connection}
+Identity link URL: https://example.com/magento/oauth/identity/{connection}
 ```
 
-When creating the integration, Magento will send multiple tokens and secrets to your application via the `callback`-endpoint. This information will be saved in a JSON file, as configured in `magento.php`. Magento will redirect you to the `identity`-endpoint in order to activate the integration.
+`connection` is the key in your connections array in the configuration file.
+
+When creating the integration, Magento will send multiple tokens and secrets to your application via the `callback`-endpoint. This information will be saved in the database, as configured in `magento.php`. You may adjust this to save the key in a JSON file or create your own implementation
+Magento will redirect you to the `identity`-endpoint in order to activate the integration.
 
 For more information about OAuth 1.0 in Magento, please consult the [documentation](https://developer.adobe.com/commerce/webapi/get-started/authentication/gs-authentication-oauth).
 
 #### Identity endpoint
 
+> [!CAUTION]
+> Be sure to add your authentication middleware
+
 Note that the `identity`-endpoint **does not** have any authentication or authorization middleware by default - you should add this in the configuration yourself. If you do not have any form of protection, anyone could change the tokens in your secret file.
 
 It is recommended that only administrators of your application are allowed to access the identity endpoint.
@@ -142,11 +186,17 @@ $search = \JustBetter\MagentoClient\Query\SearchCriteria::make()
 
 You can view more examples in [Magento's documentation](https://developer.adobe.com/commerce/webapi/rest/use-rest/performing-searches/).
 
-### Pre defined requests (deprecated)
+### Connections
 
-> Requests are deprecated as the `lazy` functionality has been made available in the client itself.
+You can connect to other connections using the `connection` method on the client.
 
-This package comes bundled with a few predefined request so that you do not have to reinvent the wheel.
+```php
+/** @var \JustBetter\MagentoClient\Client\Magento $client */
+$client = app(\JustBetter\MagentoClient\Client\Magento::class);
+
+$client->connection('connection_one')->get('products');
+$client->connection('connection_two')->get('products');
+```
 
 ### More Examples
 

UPGRADE.md

@@ -0,0 +1,39 @@
+# Upgrade guide
+
+# 1.x to 2.x
+
+2.x introduces support for multiple connections. To upgrade you must adjust your configuration file and OAuth urls.
+
+## Configuration file
+
+The configuration file has been changed to support multiple connections.
+It is recommended to overwrite the version from the package so that you are up to date.
+
+The environment variables did not change.
+This means that if you have a single Magento connection you code will not break.
+
+## OAuth
+
+> [!NOTE]
+> This step is only required when using OAuth authentication
+
+Reauthorize your Magento integration to create the record in your DB.
+
+### URL
+
+The OAuth URL's now require a connection parameter, if you have a single Magento instance the connection value is `default` by default.
+
+```
+Callback URL:      https://example.com/magento/oauth/callback/{connection}
+Identity link URL: https://example.com/magento/oauth/identity/{connection}
+```
+
+### Key Location
+
+OAuth keys are now stored in the database by default.
+If you prefer to store them on disk you can use the `\JustBetter\MagentoClient\OAuth\KeyStore\FileKeyStore` or implement your own keystore.
+
+
+## Testing
+
+The `Magento::fake()` method has been altered to use the URL `magento` instead of `http://magento.test`. You should replace this in your tests.

config/magento.php

@@ -2,29 +2,35 @@
 
 return [
 
-    /* Base URL of Magento, for example: https://magento.test */
-    'base_url' => env('MAGENTO_BASE_URL'),
+    'connection' => 'default',
 
-    /* Base path, only modify if your API is not at /rest */
-    'base_path' => env('MAGENTO_BASE_PATH', 'rest'),
+    'connections' => [
+        'default' => [
+            /* Base URL of Magento, for example: https://magento.test */
+            'base_url' => env('MAGENTO_BASE_URL'),
 
-    /* Store code, modify if you want to set a store by default. */
-    'store_code' => env('MAGENTO_STORE_CODE', 'all'),
+            /* Base path, only modify if your API is not at /rest */
+            'base_path' => env('MAGENTO_BASE_PATH', 'rest'),
 
-    /* Modify if Magento has a new API version */
-    'version' => env('MAGENTO_API_VERSION', 'V1'),
+            /* Store code, modify if you want to set a store by default. */
+            'store_code' => env('MAGENTO_STORE_CODE', 'all'),
 
-    /* Magento access token of an integration */
-    'access_token' => env('MAGENTO_ACCESS_TOKEN'),
+            /* Modify if Magento has a new API version */
+            'version' => env('MAGENTO_API_VERSION', 'V1'),
 
-    /* Specify the timeout (in seconds) for the request. */
-    'timeout' => 30,
+            /* Magento access token of an integration */
+            'access_token' => env('MAGENTO_ACCESS_TOKEN'),
 
-    /* Specify the connection timeout (in seconds) for the request. */
-    'connect_timeout' => 10,
+            /* Specify the timeout (in seconds) for the request. */
+            'timeout' => 30,
 
-    /* Authentication method, choose either "oauth" or "token". */
-    'authentication_method' => env('MAGENTO_AUTH_METHOD', 'token'),
+            /* Specify the connection timeout (in seconds) for the request. */
+            'connect_timeout' => 10,
+
+            /* Authentication method, choose either "oauth" or "token". */
+            'authentication_method' => env('MAGENTO_AUTH_METHOD', 'token'),
+        ],
+    ],
 
     /* OAuth configuration */
     'oauth' => [
@@ -37,17 +43,7 @@
         /* Prefix for the oauth routes. */
         'prefix' => 'magento/oauth',
 
-        /* File configuration */
-        'file' => [
-
-            /* Disk to use. */
-            'disk' => 'local',
-
-            /* File to store the credentials in. */
-            'path' => 'secret/magento2_oauth.json',
-
-            /* Visibility for the secret file */
-            'visibility' => 'private',
-        ],
+        /* Class that manages how the keys are stored */
+        'keystore' => \JustBetter\MagentoClient\OAuth\KeyStore\DatabaseKeyStore::class,
     ],
 ];

database/migrations/2023_12_11_150000_create_magento_oauth_keys_table.php

@@ -0,0 +1,25 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    public function up(): void
+    {
+        Schema::create('magento_oauth_keys', function (Blueprint $table): void {
+            $table->id();
+            $table->string('magento_connection')->index();
+
+            $table->json('keys');
+
+            $table->timestamps();
+        });
+    }
+
+    public function down(): void
+    {
+        Schema::dropIfExists('magento_oauth_keys');
+    }
+};

routes/web.php

@@ -3,9 +3,9 @@
 use Illuminate\Support\Facades\Route;
 use JustBetter\MagentoClient\Http\Controllers\OAuthController;
 
-Route::post('callback', [OAuthController::class, 'callback'])
+Route::post('callback/{connection}', [OAuthController::class, 'callback'])
     ->name('magento.oauth.callback');
 
-Route::get('identity', [OAuthController::class, 'identity'])
+Route::get('identity/{connection}', [OAuthController::class, 'identity'])
     ->middleware(config('magento.oauth.middleware'))
     ->name('magento.oauth.identity');

src/Actions/AuthenticateRequest.php

@@ -8,14 +8,14 @@
 
 class AuthenticateRequest implements AuthenticatesRequest
 {
-    public function authenticate(PendingRequest $request): PendingRequest
+    public function authenticate(PendingRequest $request, string $connection): PendingRequest
     {
         /** @var string $method */
-        $method = config('magento.authentication_method');
+        $method = config('magento.connections.'.$connection.'.authentication_method');
 
         $auth = AuthenticationMethod::from($method);
 
-        return $auth->provider()->authenticate($request);
+        return $auth->provider()->authenticate($request, $connection);
     }
 
     public static function bind(): void

src/Actions/BuildRequest.php

@@ -14,15 +14,18 @@ public function __construct(
     ) {
     }
 
-    public function build(): PendingRequest
+    public function build(string $connection): PendingRequest
     {
-        $pendingRequest = Http::baseUrl(config('magento.base_url'))
-            ->timeout(config('magento.timeout'))
-            ->connectTimeout(config('magento.connect_timeout'))
+        /** @var array $options */
+        $options = config('magento.connections.'.$connection);
+
+        $pendingRequest = Http::baseUrl($options['base_url'])
+            ->timeout($options['timeout'])
+            ->connectTimeout($options['connect_timeout'])
             ->acceptJson()
             ->asJson();
 
-        return $this->request->authenticate($pendingRequest);
+        return $this->request->authenticate($pendingRequest, $connection);
     }
 
     public static function bind(): void

src/Actions/OAuth/ManageKeys.php

@@ -3,22 +3,17 @@
 namespace JustBetter\MagentoClient\Actions\OAuth;
 
 use Illuminate\Support\Facades\Validator;
-use JustBetter\MagentoClient\Contracts\OAuth\ManagesKeys;
 use JustBetter\MagentoClient\Contracts\OAuth\RequestsAccessToken;
 use JustBetter\MagentoClient\OAuth\HmacSha256Signature;
+use JustBetter\MagentoClient\OAuth\KeyStore\KeyStore;
 use JustBetter\MagentoClient\OAuth\MagentoServer;
 use League\OAuth1\Client\Credentials\ClientCredentials;
 
 class RequestAccessToken implements RequestsAccessToken
 {
-    public function __construct(
-        protected ManagesKeys $keys
-    ) {
-    }
-
-    public function request(string $key): void
+    public function request(string $connection, string $key): void
     {
-        $keys = $this->keys->get();
+        $keys = KeyStore::instance()->get($connection);
 
         $callback = $keys['callback'] ?? [];
 
@@ -35,14 +30,16 @@ public function request(string $key): void
         $credentials = new ClientCredentials();
         $credentials->setIdentifier($callback['oauth_consumer_key']);
         $credentials->setSecret($callback['oauth_consumer_secret']);
-        $credentials->setCallbackUri(route('magento.oauth.callback'));
+        $credentials->setCallbackUri(route('magento.oauth.callback', ['connection' => $connection]));
 
         /** @var MagentoServer $server */
         $server = app()->makeWith(MagentoServer::class, [
             'clientCredentials' => $credentials,
             'signature' => new HmacSha256Signature($credentials),
         ]);
 
+        $server->connection = $connection;
+
         $temporaryCredentials = $server->getTemporaryCredentials();
 
         $tokenCredentials = $server->getTokenCredentials(
@@ -54,7 +51,8 @@ public function request(string $key): void
         $auth['access_token'] = $tokenCredentials->getIdentifier();
         $auth['access_token_secret'] = $tokenCredentials->getSecret();
 
-        $this->keys->set(
+        KeyStore::instance()->set(
+            $connection,
             array_merge($callback, $auth),
         );
     }