Right now we have 1 Token implementation in https://github.com/nextcloud/server/tree/master/lib/private/Authentication/Token
It would make sense to extend this
- Add a TokenManager kind of class this will handle token coming from multiple sources
- Allow for multiple token sources
- current tokens
- the new tokens that would allow to be stored still if you change your password
- OAuth2 token
This would make sense since different tokens have different use cases.
Each tokenprovider would register itself with the TokenManager. A TokenProvider is identifies by a unique ID. For now I'd say that [A-Z][A-Z]\+ would be good enough. SO your token could be: DM+<token> The token manager could then easily recognize tokens and ask the right provider to validate them.
This would make it possible to add support for the public-key tokens (to allow password changes without invalidating tokens).
At the same time it would allow to have the OAuth app hanlde their own tokens properly.
We could even in the future have apps that validate other kind of tokens.
@ChristophWurst as discussed.
Right now we have 1 Token implementation in https://github.com/nextcloud/server/tree/master/lib/private/Authentication/Token
It would make sense to extend this
This would make sense since different tokens have different use cases.
Each tokenprovider would register itself with the TokenManager. A TokenProvider is identifies by a unique ID. For now I'd say that
[A-Z][A-Z]\+would be good enough. SO your token could be:DM+<token>The token manager could then easily recognize tokens and ask the right provider to validate them.This would make it possible to add support for the public-key tokens (to allow password changes without invalidating tokens).
At the same time it would allow to have the OAuth app hanlde their own tokens properly.
We could even in the future have apps that validate other kind of tokens.
@ChristophWurst as discussed.