{"id":18780508,"url":"https://github.com/wunderwerkio/drupal-simple-oauth-refresh-token-buffer","last_synced_at":"2025-12-18T20:30:38.919Z","repository":{"id":198161817,"uuid":"691471278","full_name":"wunderwerkio/drupal-simple-oauth-refresh-token-buffer","owner":"wunderwerkio","description":"Companion Module for simple_oauth that buffers Refresh Token responses to avoid race conditions for multiple simultaneous token refresh requests.","archived":false,"fork":false,"pushed_at":"2023-10-05T08:52:17.000Z","size":43,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"1.0.x","last_synced_at":"2024-12-29T10:44:08.288Z","etag":null,"topics":["drupal-authentication","drupal-module","headless-drupal"],"latest_commit_sha":null,"homepage":"https://www.drupal.org/project/simple_oauth_refresh_token_buffer","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/wunderwerkio.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-09-14T08:43:13.000Z","updated_at":"2023-10-04T07:17:22.000Z","dependencies_parsed_at":null,"dependency_job_id":"5249ad76-6dbb-48d3-872c-052c8df994c2","html_url":"https://github.com/wunderwerkio/drupal-simple-oauth-refresh-token-buffer","commit_stats":null,"previous_names":["wunderwerkio/drupal-simple-oauth-refresh-token-buffer"],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wunderwerkio%2Fdrupal-simple-oauth-refresh-token-buffer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wunderwerkio%2Fdrupal-simple-oauth-refresh-token-buffer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wunderwerkio%2Fdrupal-simple-oauth-refresh-token-buffer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wunderwerkio%2Fdrupal-simple-oauth-refresh-token-buffer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/wunderwerkio","download_url":"https://codeload.github.com/wunderwerkio/drupal-simple-oauth-refresh-token-buffer/tar.gz/refs/heads/1.0.x","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":239696338,"owners_count":19682217,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["drupal-authentication","drupal-module","headless-drupal"],"created_at":"2024-11-07T20:26:42.782Z","updated_at":"2025-12-18T20:30:33.629Z","avatar_url":"https://github.com/wunderwerkio.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Simple OAuth Refresh Token Buffer\n\nThis modules buffers previous successful HTTP Responses for the\nOAuth 2.0 `RefreshTokenGrant` of the `simple_oauth` drupal contrib module.\n\n**Table of Contents**\n\n- [Motivation](#motivation)\n- [How does it work?](#how-does-it-work)\n- [Installation](#installation)\n- [Configuration](#configuration)\n  - [Enable / Disable](#enable--disable)\n  - [Buffer TTL](#buffer-ttl)\n  - [Wait Timeout](#wait-timeout)\n  - [Wait Retry Count](#wait-retry-count)\n- [Module Development](#module-development)\n  - [Setup Dev Envirionment](#setup-dev-environment)\n\n## Motivation\n\nGiven the following scenario:\n\n- User accesses a page of a web app\n- Multiple requests are made to fetch some data\n- Those requests detect an expired access token and try to refresh the tokens\n- Multiple requests to refresh the tokens are made to Drupal\n- Drupal handles the first token refresh successfully\n- Other requests will fail, because the refresh token has been revoked on\n  the first request\n\nThis scenario is a real pain to solve on the client.\nTherefore this module tries to solve this problem directly on the server.\n\nThis leads to e.g. 5 simultaneous token refresh requests to return the same\nresponse.\n\n## How does it work?\n\nWhenever a token refresh request is made to `/oauth/token` with the payload\nformat for\nthe `RefreshTokenGrant`, this module first creates a unique ID for this\nrequest and\nchecks if this exact request was already made previously.\n\n- If it was not, the request is handled normally by the Authorization Server\n  and the response is then temporarily saved.\n- If it was, but the token refresh is not finished yet, the server waits\n  for the refresh to complete and then returns the saved response.\n- If it was and the refresh was already completed, it returns the previous\n  response.\n\n## Installation\n\n```bash\ncomposer require drupal/simple_auth_refresh_token_buffer\ndrush en simple_auth_refresh_token_buffer\n```\n\n## Configuration\n\nThe functionality of this module can be configured per `Consumer`.\nSettings can therefore be found on the settings page for each `Consumer`.\n\n### Enable / Disable\n\nFor the refresh token buffer to take effect, the functionality must be\nexplicitly enabled for the desired `Consumer`.\n\nIf enabled, refresh token responses are buffered for each request identified\nas the given `Consumer`.\n\n### Buffer TTL\n\nThe time to live for each buffered response can be configured as a\n*Service Parameter*:\n\n```services.yml\nparameters:\n  # Make buffered responses expire after 60 seconds.\n  simple_oauth_refresh_token_buffer.expire: 60\n```\n\n### Wait Timeout\n\nWhen a token refresh is already pending, the current request for the same token\nrefresh must wait for a set period of time until checking again if the response\nfor the token refresh has been buffered.\n\nThe timeout value can be configured in the `Consumer` settings.\n\n### Wait Retry Count\n\nNumber of tries the request handler checks for the finished token refresh\nresponse when the token refresh is already pending.\n\nAfter exceeding this retry count an error response is being returned.\n\nThe retry count value can be configured in the `Consumer` settings.\n\n## Module Development\n\n[Development is done over at GitHub!](https://github.com/wunderwerkio/drupal-simple-oauth-refresh-token-buffer)\n\nPlease file any issues and pull requests there.\n\n### Setup Dev Environment\n\nTo work on the module itself, a development environment can be easily setup with the help of [Nix](https://nixos.org/).\n\n\u003e Heavy lifting is done by the [Drupal Spoons Composer-Plugin](https://gitlab.com/drupalspoons/composer-plugin)!\n\n```sh\n# Spawn a devshell\nnix develop\n\n# Setup dependencies\nsetup-drupal\n\n# Run PHPCS\ncomposer phpcs\n\n# Run PHPUnit\ncomposer unit\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwunderwerkio%2Fdrupal-simple-oauth-refresh-token-buffer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwunderwerkio%2Fdrupal-simple-oauth-refresh-token-buffer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwunderwerkio%2Fdrupal-simple-oauth-refresh-token-buffer/lists"}