chore: Implement auth caching (#78)

* Initial implementation of auth caching

* Add auth mod

* Fix tests

* Move Result to err mod

* fix: refactor codes

Author: itsyaasir

.vscode/settings.json

@@ -0,0 +1,5 @@
+{
+    "cSpell.words": [
+        "Mpesa"
+    ]
+}

Cargo.toml

@@ -10,23 +10,37 @@ readme = "./README.md"
 license = "MIT"
 
 [dependencies]
-chrono = {version = "0.4", optional = true, default-features = false, features = ["clock", "serde"] }
-openssl = {version = "0.10", optional = true}
-reqwest = {version = "0.11", features = ["json"]}
-secrecy = "0.8.0"
-serde = {version="1.0", features= ["derive"]}
+cached = { version = "0.46", features = ["wasm", "async", "proc_macro"] }
+chrono = { version = "0.4", optional = true, default-features = false, features = [
+	"clock",
+	"serde",
+] }
+openssl = { version = "0.10", optional = true }
+reqwest = { version = "0.11", features = ["json"] }
+serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
 serde_repr = "0.1"
 thiserror = "1.0.37"
 wiremock = "0.5"
+secrecy = "0.8.0"
 
 [dev-dependencies]
 dotenv = "0.15"
-tokio = {version = "1", features = ["rt", "rt-multi-thread", "macros"]}
+tokio = { version = "1", features = ["rt", "rt-multi-thread", "macros"] }
 wiremock = "0.5"
 
 [features]
-default = ["account_balance", "b2b", "b2c", "bill_manager", "c2b_register", "c2b_simulate", "express_request", "transaction_reversal", "transaction_status"]
+default = [
+	"account_balance",
+	"b2b",
+	"b2c",
+	"bill_manager",
+	"c2b_register",
+	"c2b_simulate",
+	"express_request",
+	"transaction_reversal",
+	"transaction_status",
+]
 account_balance = ["dep:openssl"]
 b2b = ["dep:openssl"]
 b2c = ["dep:openssl"]
@@ -35,4 +49,4 @@ c2b_register = []
 c2b_simulate = []
 express_request = ["dep:chrono"]
 transaction_reversal = ["dep:openssl"]
-transaction_status= ["dep:openssl"]
+transaction_status = ["dep:openssl"]

src/auth.rs

@@ -0,0 +1,115 @@
+use cached::proc_macro::cached;
+use serde::{Deserialize, Serialize};
+
+use crate::{ApiEnvironment, ApiError, Mpesa, MpesaError, MpesaResult};
+
+const AUTHENTICATION_URL: &str = "/oauth/v1/generate?grant_type=client_credentials";
+
+#[cached(
+    size = 1,
+    time = 3600,
+    key = "String",
+    result = true,
+    convert = r#"{ format!("{}", client.client_key()) }"#
+)]
+pub(crate) async fn auth(client: &Mpesa<impl ApiEnvironment>) -> MpesaResult<String> {
+    let url = format!("{}{}", client.environment.base_url(), AUTHENTICATION_URL);
+
+    let response = client
+        .http_client
+        .get(&url)
+        .basic_auth(client.client_key(), Some(&client.client_secret()))
+        .send()
+        .await?;
+
+    if response.status().is_success() {
+        let value = response.json::<AuthenticationResponse>().await?;
+        let access_token = value.access_token;
+
+        return Ok(access_token);
+    }
+
+    let error = response.json::<ApiError>().await?;
+    Err(MpesaError::AuthenticationError(error))
+}
+
+/// Response returned from the authentication function
+#[derive(Debug, Serialize, Deserialize)]
+pub struct AuthenticationResponse {
+    /// Access token which is used as the Bearer-Auth-Token
+    pub access_token: String,
+    /// Expiry time in seconds
+    pub expiry_in: u64,
+}
+
+impl std::fmt::Display for AuthenticationResponse {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        write!(
+            f,
+            "token :{} expires in: {}",
+            self.access_token, self.expiry_in
+        )
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use wiremock::{Mock, MockServer};
+
+    use super::*;
+
+    #[derive(Debug, Clone)]
+    pub struct TestEnvironment {
+        pub server_url: String,
+    }
+
+    impl TestEnvironment {
+        pub async fn new(server: &MockServer) -> Self {
+            TestEnvironment {
+                server_url: server.uri(),
+            }
+        }
+    }
+
+    impl ApiEnvironment for TestEnvironment {
+        fn base_url(&self) -> &str {
+            &self.server_url
+        }
+
+        fn get_certificate(&self) -> &str {
+            include_str!("../src/certificates/sandbox")
+        }
+    }
+
+    #[tokio::test]
+    async fn test_cached_auth() {
+        use cached::Cached;
+
+        use crate::Mpesa;
+
+        let server = MockServer::start().await;
+
+        let env = TestEnvironment::new(&server).await;
+
+        let client = Mpesa::new("test_api_key", "test_public_key", env);
+
+        Mock::given(wiremock::matchers::method("GET"))
+            .respond_with(wiremock::ResponseTemplate::new(200).set_body_json(
+                AuthenticationResponse {
+                    access_token: "test_token".to_string(),
+                    expiry_in: 3600,
+                },
+            ))
+            .expect(1)
+            .mount(&server)
+            .await;
+
+        auth_prime_cache(&client).await.unwrap();
+
+        let mut cache = AUTH.lock().await;
+
+        assert!(cache.cache_get(&client.client_key().to_string()).is_some());
+        assert_eq!(cache.cache_hits().unwrap(), 1);
+        assert_eq!(cache.cache_capacity().unwrap(), 1);
+    }
+}

src/client.rs

@@ -1,27 +1,27 @@
+use std::cell::RefCell;
+
+use cached::Cached;
+use openssl::base64;
+use openssl::rsa::Padding;
+use openssl::x509::X509;
+use reqwest::Client as HttpClient;
+
+use crate::auth::AUTH;
 use crate::environment::ApiEnvironment;
 use crate::services::{
     AccountBalanceBuilder, B2bBuilder, B2cBuilder, BulkInvoiceBuilder, C2bRegisterBuilder,
     C2bSimulateBuilder, CancelInvoiceBuilder, MpesaExpressRequestBuilder, OnboardBuilder,
     OnboardModifyBuilder, ReconciliationBuilder, SingleInvoiceBuilder, TransactionReversalBuilder,
     TransactionStatusBuilder,
 };
-use crate::{ApiError, MpesaError};
-use openssl::base64;
-use openssl::rsa::Padding;
-use openssl::x509::X509;
-use reqwest::Client as HttpClient;
+use crate::{auth, MpesaResult};
 use secrecy::{ExposeSecret, Secret};
-use serde_json::Value;
-use std::cell::RefCell;
 
 /// Source: [test credentials](https://developer.safaricom.co.ke/test_credentials)
 const DEFAULT_INITIATOR_PASSWORD: &str = "Safcom496!";
 /// Get current package version from metadata
 const CARGO_PACKAGE_VERSION: &str = env!("CARGO_PKG_VERSION");
 
-/// `Result` enum type alias
-pub type MpesaResult<T> = Result<T, MpesaError>;
-
 /// Mpesa client that will facilitate communication with the Safaricom API
 #[derive(Clone, Debug)]
 pub struct Mpesa<Env: ApiEnvironment> {
@@ -72,6 +72,16 @@ impl<'mpesa, Env: ApiEnvironment> Mpesa<Env> {
         p.expose_secret().into()
     }
 
+    /// Get the client key
+    pub(crate) fn client_key(&self) -> &str {
+        &self.client_key
+    }
+
+    /// Get the client secret
+    pub(crate) fn client_secret(&self) -> &str {
+        self.client_secret.expose_secret()
+    }
+
     /// Optional in development but required for production, you will need to call this method and set your production initiator password.
     /// If in development, default initiator password is already pre-set
     /// ```ignore
@@ -107,31 +117,27 @@ impl<'mpesa, Env: ApiEnvironment> Mpesa<Env> {
     /// # Errors
     /// Returns a `MpesaError` on failure
     pub(crate) async fn auth(&self) -> MpesaResult<String> {
-        let url = format!(
-            "{}/oauth/v1/generate?grant_type=client_credentials",
-            self.environment.base_url()
-        );
-        let response = self
-            .http_client
-            .get(&url)
-            .basic_auth(&self.client_key, Some(&self.client_secret.expose_secret()))
-            .send()
-            .await?;
-        if response.status().is_success() {
-            let value = response.json::<Value>().await?;
-            let access_token = value
-                .get("access_token")
-                .ok_or_else(|| String::from("Failed to extract token from the response"))
-                .unwrap();
-            let access_token = access_token
-                .as_str()
-                .ok_or_else(|| String::from("Error converting access token to string"))
-                .unwrap();
-
-            return Ok(access_token.to_string());
+        if let Some(token) = AUTH.lock().await.cache_get(&self.client_key) {
+            return Ok(token.to_owned());
         }
-        let error = response.json::<ApiError>().await?;
-        Err(MpesaError::AuthenticationError(error))
+
+        // Generate a new access token
+        let new_token = match auth::auth_prime_cache(self).await {
+            Ok(token) => token,
+            Err(e) => return Err(e),
+        };
+
+        // Double-check if the access token is cached by another thread
+        if let Some(token) = AUTH.lock().await.cache_get(&self.client_key) {
+            return Ok(token.to_owned());
+        }
+
+        // Cache the new token
+        AUTH.lock()
+            .await
+            .cache_set(self.client_key.clone(), new_token.to_owned());
+
+        Ok(new_token)
     }
 
     /// **B2C Builder**
@@ -529,9 +535,8 @@ impl<'mpesa, Env: ApiEnvironment> Mpesa<Env> {
 
 #[cfg(test)]
 mod tests {
-    use crate::Sandbox;
-
     use super::*;
+    use crate::Sandbox;
 
     #[test]
     fn test_setting_initator_password() {

src/constants.rs

@@ -1,7 +1,8 @@
+use std::fmt::{Display, Formatter, Result as FmtResult};
+
 use chrono::prelude::{DateTime, Utc};
 use serde::{Deserialize, Serialize};
 use serde_repr::{Deserialize_repr, Serialize_repr};
-use std::fmt::{Display, Formatter, Result as FmtResult};
 
 /// Mpesa command ids
 #[derive(Debug, Serialize, Deserialize)]

src/environment.rs

@@ -10,8 +10,10 @@
 //! and the `public key` an X509 certificate used for encrypting initiator passwords. You can read more about that from
 //! the Safaricom API [docs](https://developer.safaricom.co.ke/docs?javascript#security-credentials).
 
+use std::convert::TryFrom;
+use std::str::FromStr;
+
 use crate::MpesaError;
-use std::{convert::TryFrom, str::FromStr};
 
 #[derive(Debug, Clone)]
 /// Enum to map to desired environment so as to access certificate

src/errors.rs

@@ -1,5 +1,7 @@
+use std::env::VarError;
+use std::fmt;
+
 use serde::{Deserialize, Serialize};
-use std::{env::VarError, fmt};
 
 /// Mpesa error stack
 #[derive(thiserror::Error, Debug)]
@@ -46,6 +48,9 @@ pub enum MpesaError {
     Message(&'static str),
 }
 
+/// `Result` enum type alias
+pub type MpesaResult<T> = Result<T, MpesaError>;
+
 #[derive(Debug, Serialize, Deserialize)]
 pub struct ApiError {
     pub request_id: String,

src/lib.rs

@@ -1,15 +1,16 @@
 #![doc = include_str!("../README.md")]
 
+mod auth;
 mod client;
 mod constants;
 pub mod environment;
 mod errors;
 pub mod services;
 
-pub use client::{Mpesa, MpesaResult};
+pub use client::Mpesa;
 pub use constants::{
     CommandId, IdentifierTypes, Invoice, InvoiceItem, ResponseType, SendRemindersTypes,
 };
 pub use environment::ApiEnvironment;
 pub use environment::Environment::{self, Production, Sandbox};
-pub use errors::{ApiError, MpesaError};
+pub use errors::{ApiError, MpesaError, MpesaResult};

src/services/account_balance.rs

@@ -1,8 +1,8 @@
-use crate::client::MpesaResult;
+use serde::{Deserialize, Serialize};
+
 use crate::constants::{CommandId, IdentifierTypes};
 use crate::environment::ApiEnvironment;
-use crate::{Mpesa, MpesaError};
-use serde::{Deserialize, Serialize};
+use crate::{Mpesa, MpesaError, MpesaResult};
 
 #[derive(Debug, Serialize)]
 /// Account Balance payload

src/services/b2b.rs

@@ -1,8 +1,9 @@
-use crate::client::{Mpesa, MpesaResult};
+use serde::{Deserialize, Serialize};
+
+use crate::client::Mpesa;
 use crate::constants::{CommandId, IdentifierTypes};
 use crate::environment::ApiEnvironment;
-use crate::errors::MpesaError;
-use serde::{Deserialize, Serialize};
+use crate::errors::{MpesaError, MpesaResult};
 
 #[derive(Debug, Serialize)]
 struct B2bPayload<'mpesa> {