Make Openpay SDK credentials request-safe for php-fpm and FrankenPHP worker#88
Open
HecFranco wants to merge 1 commit into
Open
Conversation
Author
|
Thank you for maintaining and publishing this package — it has been very useful for integrating Openpay into our PHP applications. We have opened this MR to make credential handling safe under long-lived PHP workers (php-fpm and FrankenPHP worker), where process-global statics can otherwise leak merchant credentials across requests. The changes are additive (configure() / reset() / createRoot()) and keep getInstance() as the main entry point. We would appreciate it if you could review and approve this MR when you have a moment. Happy to adjust anything based on your feedback. Thanks again for your work on the SDK. |
HecFranco
force-pushed
the
feature/request-safe-credentials-frankenphp-fpm
branch
from
July 17, 2026 08:31
8fbe8a4 to
7d95fa4
Compare
Add configure()/reset() and createRoot() so merchant statics can be cleared between requests in long-lived workers (FrankenPHP) and FPM.
HecFranco
force-pushed
the
feature/request-safe-credentials-frankenphp-fpm
branch
from
July 17, 2026 08:31
7d95fa4 to
d27bd63
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR hardens
openpay/sdkso merchant credentials stored in process-global statics can be explicitly configured and cleared per logical API session.Upstream Openpay PHP keeps
merchant id,api key, country, endpoints and related state in static properties onOpenpay\Data\Openpay. That design is acceptable when the PHP process lifetime equals a single HTTP request (classic short-lived workers). It is unsafe when the same process serves many requests:getInstance()only partially updates fieldsThe Composer package name remains
openpay/sdkso this repository can replace Packagist via a VCS or path repository without renaming the dependency.What changed
Openpay\Data\Openpayconfigure(string $id, string $apiKey, string $country = 'MX', string $publicIp = '127.0.0.1'): voidOverwrites merchant context in full (no merge with previous values) and refreshes endpoint URLs for the country.
reset(): voidClears merchant id, API key, country, public IP, endpoints, sandbox flags, classification, user agent and the cached instance. Safe to call after each API session and on framework request/kernel reset hooks.
getInstance(...)Always goes through
configure()(defaults country toMXand public IP to127.0.0.1when empty/null), then returnsOpenpayApi::createRoot().Behavioural fix vs upstream: empty strings or partial updates no longer leave a previous merchant’s credentials in place.
Openpay\Data\OpenpayApicreateRoot(): selfPublic factory used after credentials are configured (avoids relying on a public
getInstancefor the API root).Minor clean-ups aligned with PHP 8.x (
declare(strict_types=1),self::class,#[Override]where applicable).composer.json>=8.1.supportURLs at this repository.Why this is needed
Packagist upstream does not expose
configure()/reset(). Without those APIs (or an equivalent override), application code cannot reliably clear static merchant state between requests in a long-lived process.Upstream
getInstance()also updates credentials conditionally (e.g. only when id/apiKey/country are non-empty). In a reused worker that can leave the previous merchant’s values in place when a later call omits or empties a field.Recommended usage
Prefer an explicit session boundary:
Openpay::getInstance($id, $apiKey, $country, $publicIp)remains supported and now always reconfigures before returning the API root.In frameworks that support request-scoped service reset (e.g. Symfony
ResetInterface), callOpenpay::reset()from that hook as a safety net in addition to thefinallyblock above.Compatibility
configure,reset,createRoot;getInstanceremains the primary entry point.reset()is cheap insurance on worker reuse.3.1.1(5a922d4); Resources and connectors unchanged aside from the Data layer above.Test plan
configure(A)thenconfigure(B)→getId()/getApiKey()/ country / public IP equal B only (no leftover A).reset(), static id, apiKey, country and publicIp arenull(or equivalent cleared state).getInstance(...)after a previous merchant still returns an API root bound to the new credentials.reset()in afinallyblock runs when the callback throws (no credential left for the next call in the same process).openpay/sdkfrom this repository (VCS/path) and autoloadsOpenpay\Data\Openpayfrom this package, not an older Packagist copy withoutreset().Checklist
configure)reset)getInstancepath (no partial merge with previous merchant)composer.json3.1.1-1or3.1.2) for pinable Composer constraints