Hi
Can you pls explain your motivation to use ManyToMany between AccessToken and Scope ?
This differs from laminas-api-tools/api-tools-oauth2 database structure. There scope is space-separated list of restricted scopes and is baked into AccessToken / RefreshToken.
Imo the ManyToMany brings tiny overhead:
1) it will trigger DB call to get all token's scopes;
2) you will need join scopes to pull all you need from DB with one query;
3) extra insertions when create token with bunch of scopes;
Hi Can you pls explain your motivation to use ManyToMany between AccessToken and Scope ? This differs from laminas-api-tools/api-tools-oauth2 database structure. There scope is space-separated list of restricted scopes and is baked into AccessToken / RefreshToken. Imo the ManyToMany brings tiny overhead: 1) it will trigger DB call to get all token's scopes; 2) you will need join scopes to pull all you need from DB with one query; 3) extra insertions when create token with bunch of scopes;