Skip to content

Commit 1ab83db

Browse files
committed
feat: upgrade saloon to v4
1 parent 858396d commit 1ab83db

3 files changed

Lines changed: 58 additions & 10 deletions

File tree

UPGRADE.md

Lines changed: 31 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,31 @@
1+
# Upgrade Guide
2+
3+
## From v0.x to v1.0.0
4+
5+
### Saloon v4
6+
7+
This release upgrades from Saloon v3 to v4. Saloon v4 is primarily a security release that removes serialization support from `AccessTokenAuthenticator`.
8+
9+
### MoneybirdAuth cast
10+
11+
The `MoneybirdAuth` cast now stores tokens as JSON instead of PHP serialized data. Existing serialized data will continue to be read correctly, but new writes will always use JSON.
12+
13+
To migrate existing data you have two options:
14+
15+
#### Option 1: Let it migrate automatically
16+
17+
The cast will read the old format and write the new format on the next save. No action required on your end. If you are using tokens that never expire, you may want to trigger a save manually to migrate the data.
18+
19+
#### Option 2: Run a migration
20+
21+
If you prefer to migrate all data at once, you can create a migration that reads and re-saves the affected models:
22+
23+
```php
24+
use App\Models\YourModel;
25+
26+
YourModel::query()->each(function ($model) {
27+
$model->saveQuietly();
28+
});
29+
```
30+
31+
This will read the old serialized format and re-save it as JSON.

composer.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -18,9 +18,9 @@
1818
"require": {
1919
"php": "^8.2",
2020
"illuminate/contracts": "^11.0||^12.0||^13.0",
21-
"saloonphp/laravel-plugin": "^3.11",
21+
"saloonphp/laravel-plugin": "^4.0",
2222
"saloonphp/rate-limit-plugin": "^2.0",
23-
"saloonphp/saloon": "^3.0",
23+
"saloonphp/saloon": "^4.0",
2424
"spatie/laravel-data": "^4.13",
2525
"spatie/laravel-package-tools": "^1.16"
2626
},

src/Casts/MoneybirdAuth.php

Lines changed: 25 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -2,31 +2,48 @@
22

33
namespace Sensson\Moneybird\Casts;
44

5+
use DateTimeImmutable;
56
use Saloon\Http\Auth\AccessTokenAuthenticator;
67

78
class MoneybirdAuth
89
{
9-
/**
10-
* Cast the given value.
11-
*/
1210
public function get($model, string $key, $value, array $attributes): ?AccessTokenAuthenticator
1311
{
1412
if (is_null($value)) {
1513
return null;
1614
}
1715

18-
return unserialize($value, ['allowed_classes' => true]);
16+
$data = json_decode($value, true);
17+
18+
if (json_last_error() !== JSON_ERROR_NONE) {
19+
$legacy = unserialize($value, [
20+
'allowed_classes' => [AccessTokenAuthenticator::class, DateTimeImmutable::class],
21+
]);
22+
23+
return new AccessTokenAuthenticator(
24+
accessToken: $legacy->getAccessToken(),
25+
refreshToken: $legacy->getRefreshToken(),
26+
expiresAt: $legacy->getExpiresAt(),
27+
);
28+
}
29+
30+
return new AccessTokenAuthenticator(
31+
accessToken: $data['access_token'],
32+
refreshToken: $data['refresh_token'] ?? null,
33+
expiresAt: isset($data['expires_at']) ? new DateTimeImmutable($data['expires_at']) : null,
34+
);
1935
}
2036

21-
/**
22-
* Prepare the given value for storage.
23-
*/
2437
public function set($model, string $key, $value, array $attributes): mixed
2538
{
2639
if (is_null($value)) {
2740
return null;
2841
}
2942

30-
return serialize($value);
43+
return json_encode([
44+
'access_token' => $value->getAccessToken(),
45+
'refresh_token' => $value->getRefreshToken(),
46+
'expires_at' => $value->getExpiresAt()?->format(DateTimeImmutable::ATOM),
47+
]);
3148
}
3249
}

0 commit comments

Comments
 (0)