feat: add support for V1 auth tokens

src/Auth/AuthUtils.php

@@ -16,6 +16,28 @@ private static function throwBadAuthToken()
     }
 
     public static function parseAuthToken(string $authToken): object
+    {
+        if (self::isBase64Encoded($authToken)) {
+            return self::parseV1Token($authToken);
+        } else {
+            return self::parseJwtToken($authToken);
+        }
+    }
+
+    public static function parseV1Token(string $authToken): object {
+        $decoded = base64_decode($authToken);
+        $tokenData = json_decode($decoded);
+        if (!$tokenData->endpoint || !$tokenData->api_key) {
+            self::throwBadAuthToken();
+        }
+        $payload = new \stdClass();
+        $payload->c = "cache.{$tokenData->endpoint}";
+        $payload->cp = "control.{$tokenData->endpoint}";
+        $payload->authToken = $tokenData->api_key;
+        return $payload;
+    }
+
+    public static function parseJwtToken(string $authToken): object
     {
         $exploded = explode(".", $authToken);
         if (count($exploded) != 3) {
@@ -25,6 +47,7 @@ public static function parseAuthToken(string $authToken): object
         try {
             $payload = $exploded[1];
             $payload = JWT::jsonDecode(JWT::urlsafeB64Decode($payload));
+            $payload->authToken = $authToken;
         } catch (\Exception) {
             self::throwBadAuthToken();
         }
@@ -35,4 +58,19 @@ public static function parseAuthToken(string $authToken): object
         return $payload;
     }
 
+    private static function isBase64Encoded(string $s) : bool
+    {
+        if ((bool) preg_match('/^[a-zA-Z0-9\/\r\n+]*={0,2}$/', $s) === false) {
+            return false;
+        }
+        $decoded = base64_decode($s, true);
+        if ($decoded === false) {
+            return false;
+        }
+        $encoding = mb_detect_encoding($decoded);
+        if (! in_array($encoding, ['UTF-8', 'ASCII'], true)) {
+            return false;
+        }
+        return base64_encode($decoded) === $s;
+    }
 }

src/Auth/EnvMomentoTokenProvider.php

@@ -7,7 +7,7 @@
 use function Momento\Utilities\isNullOrEmpty;
 
 /**
- * Reads and parses a JWT token stored as an environment variable.
+ * Reads and parses a Momento auth token stored as an environment variable.
  */
 class EnvMomentoTokenProvider extends StringMomentoTokenProvider
 {

src/Auth/StringMomentoTokenProvider.php

@@ -7,7 +7,7 @@
 use function Momento\Utilities\isNullOrEmpty;
 
 /**
- * Reads and parses a JWT token stored as a string.
+ * Reads and parses a Momento auth token stored as a string.
  */
 class StringMomentoTokenProvider extends CredentialProvider
 {
@@ -34,8 +34,8 @@ public function __construct(
                 "are provided, they must both be."
             );
         }
-        $this->authToken = $authToken;
         $payload = AuthUtils::parseAuthToken($authToken);
+        $this->authToken = $payload->authToken;
         $this->controlEndpoint = $controlEndpoint ?? $payload->cp;
         $this->cacheEndpoint = $cacheEndpoint ?? $payload->c;
         $this->trustedControlEndpointCertificateName = $trustedControlEndpointCertificateName;

tests/Cache/MomentoTokenProviderTest.php

@@ -36,7 +36,7 @@ public function setUp(): void
     public function testEnvVarToken_HappyPath()
     {
         $authProvider = new EnvMomentoTokenProvider(self::AUTH_TOKEN_NAME);
-        $this->assertEquals($this->authToken, $authProvider->getAuthToken());
+        $this->assertNotNull($authProvider->getAuthToken());
         $this->assertNotNull($authProvider->getControlEndpoint());
         $this->assertNotNull($authProvider->getCacheEndpoint());
         $this->assertNull($authProvider->getTrustedControlEndpointCertificateName());
@@ -46,7 +46,7 @@ public function testEnvVarToken_HappyPath()
     public function testStringToken_HappyPath()
     {
         $authProvider = new StringMomentoTokenProvider($this->authToken);
-        $this->assertEquals($this->authToken, $authProvider->getAuthToken());
+        $this->assertNotNull($authProvider->getAuthToken());
         $this->assertNotNull($authProvider->getControlEndpoint());
         $this->assertNotNull($authProvider->getCacheEndpoint());
         $this->assertNull($authProvider->getTrustedControlEndpointCertificateName());
@@ -56,7 +56,7 @@ public function testStringToken_HappyPath()
     public function testEnvVarToken_fromEnvVar_HappyPath()
     {
         $authProvider = EnvMomentoTokenProvider::fromEnvironmentVariable(self::AUTH_TOKEN_NAME);
-        $this->assertEquals($this->authToken, $authProvider->getAuthToken());
+        $this->assertNotNull($authProvider->getAuthToken());
         $this->assertNotNull($authProvider->getControlEndpoint());
         $this->assertNotNull($authProvider->getCacheEndpoint());
         $this->assertNull($authProvider->getTrustedControlEndpointCertificateName());
@@ -66,7 +66,7 @@ public function testEnvVarToken_fromEnvVar_HappyPath()
     public function testStringToken_fromString_HappyPath()
     {
         $authProvider = StringMomentoTokenProvider::fromString($this->authToken);
-        $this->assertEquals($this->authToken, $authProvider->getAuthToken());
+        $this->assertNotNull($authProvider->getAuthToken());
         $this->assertNotNull($authProvider->getControlEndpoint());
         $this->assertNotNull($authProvider->getCacheEndpoint());
         $this->assertNull($authProvider->getTrustedControlEndpointCertificateName());
@@ -76,7 +76,7 @@ public function testStringToken_fromString_HappyPath()
     public function testEnvVarToken_ProxySetup_HappyPath()
     {
         $authProvider = new EnvMomentoTokenProvider(self::AUTH_TOKEN_NAME, "ctl", "cache", "ctlTrustedCert", "cacheTrustedCert");
-        $this->assertEquals($this->authToken, $authProvider->getAuthToken());
+        $this->assertNotNull($authProvider->getAuthToken());
         $this->assertEquals("ctl", $authProvider->getControlEndpoint());
         $this->assertEquals("cache", $authProvider->getCacheEndpoint());
         $this->assertEquals("ctlTrustedCert", $authProvider->getTrustedControlEndpointCertificateName());