[Renater-Partage] - Management of access token received by the API
[Renater-Partage] - Management of access token received by the API
Requirements
Partage API uses access token to validate any incoming requests. Those access token are valid for a maximum of 5 min by default settings, and only 100 tokens may be issued by Partage.
There is nevertheless a rule to take into consideration, the domain name. All tokens issued are attached to a specific domain name.
The requirements are therefore to change the actual behavior of tokens reusability and implements the management of domains as well.
Descriptive title for this enhancement
Once a token has been requested and received, it must be stored properly under the configured domain. Depending on the request being issued to the API, the proper token must be setup.
Actual behavior
One token is being kept for the duration set within FD configuration page. As of now, the token will be re-use for any queries.
This is indeed a problem as multiple Renater-Partage servers or domain name can be setup within the plugin. If one token is kept related to one domain, all other queries targeting another domain will fail.
Mostly with a non detailed 403 Forbidden messages provided by the API.
Expected behavior
A proper reusability of existing stored tokens. Usage of the token base on the domain name being queried.
Step by step description of new behaviour
Once an access token has been requested. It must be stored properly.
Benefits
Multiple requests can therefore be performed with the same token (taking into account its expiration). Allowing to stay far away from the maximum threshold of 100 maximum access token being issued per domain.
Possible Drawbacks
None.