How can I test if I have all the right credentials with php-opencloud sdk?

StackOverflow https://stackoverflow.com/questions/18641865

Question

Here is my code for now:

$cloud = new Rackspace('https://identity.api.rackspacecloud.com/v2.0/', $php_cloudconfig['credentials']);
$array_creds = getCredentials();
$cloud->ImportCredentials($array_creds);

$array_creds = $cloud->ExportCredentials();
setCredentials($array_creds['authorization_token'], $array_creds['expiration'], $array_creds['tenant_id'], $array_creds['service_catalog']);

function getCredentials() {
    $sql_get_credential = "SELECT * FROM cloud_apiconnection";
    $q = $conn->prepare($sql_get_credential);
    return $q->execute();
}

function setCredentials($authorization_token, $expiration, $tenant_id, $service_catalog)     {
    $sql_insert = "INSERT INTO cloud_apiconnection (authorization_token, expiration, tenant_id, service_catalog) VALUES (:authorization_token, :expiration, :tenant_id, :service_catalog)";
    $q = $conn->prepare($sql_insert);
    $q->execute(array(':authorization_token' => $authorization_token, ':expiration' => $expiration, ':tenant_id' => $tenant_id, ':service_catalog' => $service_catalog));
}

Is there a way to detect if the credentials were updated in: $cloud->ImportCredentials($array_creds); ?

I am wandering because I don't want to write to the DB if I don't need to.

Also is this the best strategy for managing my connection to RackSpace API?

Was it helpful?

Solution

It seems like a good strategy for maintaining a persistent session, because you're re-using an existing token ID. The only other suggestion is to cache your credentials in a local file, rather than making an MySQL transaction. You don't really need to store your tenant ID and service catalog because these are easily retrievable through the software layer.

To check the validity an existing token, I'd do this:

$connection = new Rackspace(...);

// Import existing credentials
$credentials = getCredentials();
$connection->importCredentials($credentials);

// Authenticate against the API to make sure your token is still valid
$connection->authenticate();

// Compare result
$newCredentials = $connection->exportCredentials();

if ($newCredentials['authorization_token'] != $credentials['authorization_token']) {
   // You know it's been updated, so save new ones
   setCredentials();
}

All the authenticate() method does is execute a request against the Rackspace API; and based on the results, it's effectively letting you know whether your existing stuff is still valid. When other methods call authenticate(), they usually do another check beforehand: they check the expiry value (i.e. not in the past). You could implement the same thing they do (to find out whether credentials need to be refreshed and saved):

if (time() > ($credentials['expiration'] - RAXSDK_FUDGE)) {
   // They're old, you need to call authenticate()
} else {
   // They seem to be still valid. Sweet!
}

By the way, we've recently changed this functionality so that exportCredentials() makes a call to authenticate() - so this would mean you wouldn't need to call it yourself. But for your current version it's worth leaving it in.

Does that answer everything?

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top