There is no license information available for the latest version (1.1.0) of this package.

HTTP-Client for Germania's Authentication API

1.1.0 2021-11-26 13:12 UTC

This package is auto-updated.

Last update: 2022-06-26 14:35:30 UTC



AuthApi Client

Service-side PHP client for retrieving an Auth token from Germania's Authentication API (AuthApi).


composer require germania-kg/authapi-client

Interfaces and abstracts


The AuthApiInterface provides three public methods:

  • getToken which requires username and password and returns an AuthToken instance, optionally with long TTL (“refresh”)
  • login which requires username and password and returns an AuthToken instance, usually with short TTL.
  • refresh which accepts an AuthToken instance and returns a new AuthToken instance
namespace Germania\AuthApiClient;

interface AuthApiInterface
    public function getToken(string $username, string $password, bool refresh = false) : AuthTokenInterface;
    public function login(string $username, string $password) : AuthTokenInterface;
    public function refresh(AuthTokenInterface $token) : AuthTokenInterface;


Abstract class AuthApiAbstract implements AuthApiInterface, so you will have to bring the abstract methods to life. They use Psr\Log\LoggerAwareTrait and the LoglevelTrait that comes with this package. So with all instances extending from AuthApiAbstract, you can:

class MyClient extends AuthApiAbstract {
  	// Implement abstract methods here

$my_client = new MyClient;

// LoggerAwareTrait
$my_client->setLogger( new Monolog );

// LoglevelTrait
$my_client->setErrorLoglevel( \Psr\Log\LogLevel::ERROR) );
$my_client->setSuccessLoglevel( \Psr\Log\LogLevel::INFO) );


Using Guzzle

The GuzzleAuthApi client extends AuthApiAbstract and implements AuthApiInterface. It uses the GuzzleHttp Client to authenticate at Germania's AuthApi. The Guzzle client needs to be configured with the AuthAPI's base_uri.

use Germania\AuthApiClient\GuzzleAuthApi;

// Setup dependencies
$guzzle = new \GuzzleHttp\Client(['base_uri' => ""]);

// Optional with PSR-3 Logger support.
$client = new GuzzleAuthApi( $guzzle);
$client = new GuzzleAuthApi( $guzzle, new Monolog);

Set Guzzle Client

$guzzle = new \GuzzleHttp\Client( ... );

Using PSR-18 HTTP client

Class HttpClientAuthApi extends abstract AuthApiDecorator and thus also implements AuthApiInterface.

The constructor requires the AuthApi base URL and a PSR-18 client instance. An optional PSR-3 Logger may be passed as third parameter.

use Germania\AuthApiClient\HttpClientAuthApi;  

// Setup dependencies
$base_url = "";
$psr_18 = new \GuzzleHttp\Client;

// Optional with PSR-3 Logger support.
$client = new HttpClientAuthApi($base_url, $psr_18);
$client = new HttpClientAuthApi($base_url, $psr_18, new Monolog);

Set base URL


Set PSR-18 HTTP client

use GuzzleHttp\Client as Guzzle;
$client->setHttpClient( new Guzzle );

Set PSR-17 Request and Stream factory

use Nyholm\Psr7\Factory\Psr17Factory;
$client->setRequestFactory( new Psr17Factory );
$client->setStreamFactory( new Psr17Factory );

PSR-6 Cache support

Class CacheAuthApiDecorator is a PSR-6 Cache decorator for any AuthApiInterface instance. It extends abstract AuthApiDecorator and thus also implements AuthApiInterface.

The constructor requires AuthApiInterface instance and a PSR-6 CacheItemPool. An optional PSR-3 Logger may be passed as third parameter.

use Germania\AuthApiClient\CacheAuthApiDecorator;
use Germania\AuthApiClient\GuzzleAuthApi;
use GuzzleHttp\Client as Guzzle;

// Setup dependencies
$cache = new \Symfony\Component\Cache\Adapter\FilesystemAdapter;
$inner = new GuzzleAuthApi( new Guzzle );

// Optional with PSR-3 Logger support.
$client = new CacheAuthApiDecorator($inner, $cache);
$client = new CacheAuthApiDecorator($inner, $cache, new Monolog);

Set PSR-6 CacheItemPool

$cache = new \Symfony\Component\Cache\Adapter\FilesystemAdapter;

Usage Example

This usage example combines the above AuthApi clients.

The AuthToken's life time is usually quite short; to obtain one with longer TTL (i.e. refresh after login), pass a third boolean parameter to the getToken method. The new TTL is derived from the token lifetime.

use Germania\AuthApiClient\CacheAuthApiDecorator;
use Germania\AuthApiClient\GuzzleAuthApi;

// Dependencies
$guzzle = new \GuzzleHttp\Client(['base_uri' => "");
$cache  = new \Symfony\Component\Cache\Adapter\FilesystemAdapter;
$logger = new \Monolog\Monolog( ... );
// AuthAPi clients                                  
$inner  = new GuzzleAuthApi( $guzzle, $logger);
$client = new CacheAuthApiDecorator($inner, $cache, $logger);

// Retrieve AuthToken, either short-living or long-TTL
$token = $client->getToken("username", "password");  
$token = $client->getToken("username", "password", (bool) "refresh");  

// Work with AuthToken
echo get_class($token);     // \Germania\AuthApiClient\AuthToken
echo $token;                // "somerandomstring"
echo $token->getContent();  // "somerandomstring"  
echo $token->getLifeTime(); // e.g. 60

Exception handling

Any exception thrown by the AuthApi client implements AuthApiExceptionInterface. So catching \Germania\AuthApiClient\Exceptions\AuthApiExceptionInterface usually will be plenty.

Any request-related exception thrown by the Guzzle client will be wrapped up in a AuthApiRequestException. This exception class extends \RuntimeException and implements AuthApiExceptionInterface.

When there's something wrong with the retrieved AuthApi response, an AuthApiResponseException will be thrown. This exception class extends \UnexpectedValueException and implements AuthApiExceptionInterface.

use Germania\AuthApiClient\Exceptions\{

try {
	$token = $client->getToken("username", "password");  
catch (AuthApiRequestException $e) {
  $guzzle_exception = $e->getPrevious(); // Possibly previous Guzzle Exception
catch (AuthApiResponseException $e) {
  $json_error = $e->getPrevious(); // Possibly previous JSON error  
  echo $e->getMessage(); // "Access token missing" (or sort of)
catch (AuthApiExceptionInterface $e) {
	echo $e->getMessage();

The AuthToken

The AuthToken and AuthTokenInterface rely on Germania's germania-kg/token package:

Interface AuthTokenInterface

The Germania\AuthApiClient\AuthTokenInterface extends Germania\Token\TokenInterface and thus provides these methods inherited from AuthTokenInterface:

interface AuthTokenInterface
    // Alias for "getContent"
    public function __toString();

    // Returns the token "text".
  	public function getContent() : string;

    // Returns the lifetime in seconds.
    public function getLifeTime() : int;

Class AuthToken

The Germania\AuthApiClient\AuthToken implements the AuthTokenInterface. It is an extension from Germania\Token\Token.

use Germania\AuthApiClient\AuthToken;

// Pass token string and TTL
$auth_token = new AuthToken( "somerandomstring", 3600);

// Inherited from "Token" class
echo $auth_token;                // "somerandomstring"
echo $auth_token->__toString();  // "somerandomstring"  
echo $auth_token->getContent();  // "somerandomstring"  
echo $auth_token->getLifeTime(); // 3600

Create authorized requests: PSR-17 Requestfactory

Once you have your AuthToken, you'll want to authorize at an API. In order to create an authorized PSR-7 Request, you can use class AuthTokenRequestFactory which wraps another “inner” PSR-17 RequestFactory.

The constructor requires an AuthToken instance or equivalent string; it optionally accepts any PSR-17 instance; per default Nyholm's PSR-17 RequestFactory will be used.

use Germania\AuthApiClient\AuthTokenRequestFactory;

# Have your AuthToken and, optionally, another PSR-17 Request Factory at hand:
$auth_token = ...
$inner_request_factory = new \Nyholm\Psr7\Factory\Psr17Factory;

$psr17 = AuthTokenRequestFactory( $auth_token );
$psr17 = AuthTokenRequestFactory( $auth_token ), $inner_request_factory);

$request = $psr17->createRequest("GET", "/");
// true


Copy phpunit.xml.dist to phpunit.xml and fill in your credentials in the <php> section.

$ composer phpunit