Removed token 'client' text, avoid confusion w/ oAuth
authorDan Brown <redacted>
Sun, 29 Dec 2019 20:07:28 +0000 (20:07 +0000)
committerDan Brown <redacted>
Sun, 29 Dec 2019 20:07:28 +0000 (20:07 +0000)
- Instead have a token_id and a secret.
   - Displayed a 'Token ID' and 'Token Secret'.

app/Http/Controllers/UserApiTokenController.php
database/migrations/2019_12_29_120917_add_api_auth.php
resources/lang/en/settings.php
resources/views/users/api-tokens/edit.blade.php
resources/views/users/edit.blade.php
tests/User/UserApiTokenTest.php

index 9f5ebc49e5d10356cb247da4a3b2049fb9cbfe64..c18d5290131468442c832e5b8467dd61fb94f90a 100644 (file)
@@ -44,14 +44,14 @@ class UserApiTokenController extends Controller
 
         $token = (new ApiToken())->forceFill([
             'name' => $request->get('name'),
-            'client_id' => Str::random(32),
-            'client_secret' => Hash::make($secret),
+            'token_id' => Str::random(32),
+            'secret' => Hash::make($secret),
             'user_id' => $user->id,
             'expires_at' => $expiry
         ]);
 
-        while (ApiToken::query()->where('client_id', '=', $token->client_id)->exists()) {
-            $token->client_id = Str::random(32);
+        while (ApiToken::query()->where('token_id', '=', $token->token_id)->exists()) {
+            $token->token_id = Str::random(32);
         }
 
         $token->save();
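Review bot: Nothing in this commit's file list touches the `ApiToken` model, so it is worth confirming that no attribute list there still names `client_secret`. If the model hides the hash from serialization, that entry has to follow the rename, e.g. `protected $hidden = ['secret'];`. The value written at `'secret' => Hash::make($secret)` is a password-style hash and should not appear in `toArray()` or JSON output of a token. This is inferred from the file list only, since the model is not visible here, and the enclosing controller method starts and ends outside the hunk.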
index c8a1a7781859c01f2cc17b8ba082958f843dab79..eff88247fab066fb9f43b118e2ba8ba752ed1231 100644 (file)
@@ -19,8 +19,8 @@ class AddApiAuth extends Migration
         Schema::create('api_tokens', function(Blueprint $table) {
             $table->increments('id');
             $table->string('name');
-            $table->string('client_id')->unique();
-            $table->string('client_secret');
+            $table->string('token_id')->unique();
+            $table->string('secret');
             $table->integer('user_id')->unsigned()->index();
             $table->date('expires_at')->index();
             $table->nullableTimestamps();
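Review bot: The column rename is made by editing the existing `2019_12_29_120917_add_api_auth` migration in place, so any database where that migration has already run keeps `client_id`/`client_secret`, and the controller's insert of `token_id`/`secret` would fail there. If the migration has not yet shipped in a release, a rollback and re-run is enough. Otherwise a follow-up migration using `$table->renameColumn('client_id', 'token_id');` and `$table->renameColumn('client_secret', 'secret');` is the safer route. The `Schema::create` closure continues outside the hunk.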
index 88eb22aa0c8f40862110c2beeaab7ccfdc8b6698..b1da5435fdbba0bf33929258635f9e56829d45fb 100755 (executable)
@@ -163,14 +163,14 @@ return [
     'user_api_token_name_desc' => 'Give your token a readable name as a future reminder of its intended purpose.',
     'user_api_token_expiry' => 'Expiry Date',
     'user_api_token_expiry_desc' => 'Set a date at which this token expires. After this date, requests made using this token will no longer work. Leaving this field blank will set an expiry 100 years into the future.',
-    'user_api_token_create_secret_message' => 'Immediately after creating this token a "client id"" & "client secret" will be generated and displayed. The client secret will only be shown a single time so be sure to copy the value to somewhere safe and secure before proceeding.',
+    'user_api_token_create_secret_message' => 'Immediately after creating this token a "Token ID"" & "Token Secret" will be generated and displayed. The secret will only be shown a single time so be sure to copy the value to somewhere safe and secure before proceeding.',
     'user_api_token_create_success' => 'API token successfully created',
     'user_api_token_update_success' => 'API token successfully updated',
     'user_api_token' => 'API Token',
-    'user_api_token_client_id' => 'Client ID',
-    'user_api_token_client_id_desc' => 'This is a non-editable system generated identifier for this token which will need to be provided in API requests.',
-    'user_api_token_client_secret' => 'Client Secret',
-    'user_api_token_client_secret_desc' => 'This is a system generated secret for this token which will need to be provided in API requests. This will only be displayed this one time so copy this value to somewhere safe and secure.',
+    'user_api_token_id' => 'Token ID',
+    'user_api_token_id_desc' => 'This is a non-editable system generated identifier for this token which will need to be provided in API requests.',
+    'user_api_token_secret' => 'Token Secret',
+    'user_api_token_secret_desc' => 'This is a system generated secret for this token which will need to be provided in API requests. This will only be displayed this one time so copy this value to somewhere safe and secure.',
     'user_api_token_created' => 'Token Created :timeAgo',
     'user_api_token_updated' => 'Token Updated :timeAgo',
     'user_api_token_delete' => 'Delete Token',
index 0ec9adbe6c81241cf48fad48ab793a7b95ac7854..821a00d93cfa4590ac32ffad7c312d7b1f5c9112 100644 (file)
 
                     <div class="grid half gap-xl v-center">
                         <div>
-                            <label class="setting-list-label">{{ trans('settings.user_api_token_client_id') }}</label>
-                            <p class="small">{{ trans('settings.user_api_token_client_id_desc') }}</p>
+                            <label class="setting-list-label">{{ trans('settings.user_api_token_id') }}</label>
+                            <p class="small">{{ trans('settings.user_api_token_id_desc') }}</p>
                         </div>
                         <div>
-                            @include('form.text', ['name' => 'client_id', 'readonly' => true])
+                            @include('form.text', ['name' => 'token_id', 'readonly' => true])
                         </div>
                     </div>
 
@@ -27,8 +27,8 @@
                     @if( $secret )
                         <div class="grid half gap-xl v-center">
                             <div>
-                                <label class="setting-list-label">{{ trans('settings.user_api_token_client_secret') }}</label>
-                                <p class="small text-warn">{{ trans('settings.user_api_token_client_secret_desc') }}</p>
+                                <label class="setting-list-label">{{ trans('settings.user_api_token_secret') }}</label>
+                                <p class="small text-warn">{{ trans('settings.user_api_token_secret_desc') }}</p>
                             </div>
                             <div>
                                 <input type="text" readonly="readonly" value="{{ $secret }}">
index ba76b022e02718ba229cad48a401bee4041c20f1..c69d101d422c0afbfe4b019ee0c1a0ecec5a10c1 100644 (file)
                         <tr>
                             <td>
                                 {{ $token->name }} <br>
-                                <span class="small text-muted italic">{{ $token->client_id }}</span>
+                                <span class="small text-muted italic">{{ $token->token_id }}</span>
                             </td>
                             <td>{{ $token->expires_at->format('Y-m-d') ?? '' }}</td>
                             <td class="text-right">
index 86c2b7bcc580ecd0e378f830dc21492c05c4ac63..012747296a46c1d90f34838119b44daa5f163ab5 100644 (file)
@@ -44,7 +44,7 @@ class UserApiTokenTest extends TestCase
         $resp = $this->asAdmin()->get($editor->getEditUrl('/create-api-token'));
         $resp->assertStatus(200);
         $resp->assertSee('Create API Token');
-        $resp->assertSee('client secret');
+        $resp->assertSee('Token Secret');
 
         $resp = $this->post($editor->getEditUrl('/create-api-token'), $this->testTokenData);
         $token = ApiToken::query()->latest()->first();
@@ -59,11 +59,11 @@ class UserApiTokenTest extends TestCase
         $this->assertSessionHas('api-token-secret:' . $token->id);
         $secret = session('api-token-secret:' . $token->id);
         $this->assertDatabaseMissing('api_tokens', [
-            'client_secret' => $secret,
+            'secret' => $secret,
         ]);
-        $this->assertTrue(\Hash::check($secret, $token->client_secret));
+        $this->assertTrue(\Hash::check($secret, $token->secret));
 
-        $this->assertTrue(strlen($token->client_id) === 32);
+        $this->assertTrue(strlen($token->token_id) === 32);
         $this->assertTrue(strlen($secret) === 32);
 
         $this->assertSessionHas('success');
@@ -92,15 +92,15 @@ class UserApiTokenTest extends TestCase
         $resp = $this->get($editor->getEditUrl());
         $resp->assertElementExists('#api_tokens');
         $resp->assertElementContains('#api_tokens', $token->name);
-        $resp->assertElementContains('#api_tokens', $token->client_id);
+        $resp->assertElementContains('#api_tokens', $token->token_id);
         $resp->assertElementContains('#api_tokens', $token->expires_at->format('Y-m-d'));
     }
 
-    public function test_client_secret_shown_once_after_creation()
+    public function test_secret_shown_once_after_creation()
     {
         $editor = $this->getEditor();
         $resp = $this->asAdmin()->followingRedirects()->post($editor->getEditUrl('/create-api-token'), $this->testTokenData);
-        $resp->assertSeeText('Client Secret');
+        $resp->assertSeeText('Token Secret');
 
         $token = ApiToken::query()->latest()->first();
         $this->assertNull(session('api-token-secret:' . $token->id));