Fix conflicting access token cache for fetching user info from SSO.

src/Configuration/OAuth2Configuration.php

@@ -41,7 +41,7 @@ public function getSsoAuthorizeUrl(): string
         return $this->ssoAuthorizeUrl;
     }
 
-    public function getSsoUserInfoUrl(?string $userId): string
+    public function getSsoUserInfoUrl(?string $userId = null): string
     {
         if (!$userId) {
             return $this->ssoUserInfoUrl;

src/Domain/Process/OAuth2/GrantAccessByOAuth2TokenProcess.php

@@ -135,7 +135,7 @@ private function getAuthUser(AccessTokenDto $accessTokenDto): ?AnzuAuthUserInter
     {
         if (self::AUTH_METHOD_SSO_EMAIL === $this->authMethod) {
             // fetch user info
-            $ssoUser = $this->OAuth2HttpClient->getSsoUserInfo();
+            $ssoUser = $this->OAuth2HttpClient->getCurrentSsoUserInfo($accessTokenDto);
 
             return $this->oAuth2AuthUserRepository->findOneBySsoEmail($ssoUser->getEmail());
         }
@@ -149,7 +149,7 @@ private function getAuthUser(AccessTokenDto $accessTokenDto): ?AnzuAuthUserInter
             }
 
             // otherwise fetch user info
-            $ssoUser = $this->OAuth2HttpClient->getSsoUserInfo();
+            $ssoUser = $this->OAuth2HttpClient->getCurrentSsoUserInfo($accessTokenDto);
 
             return $this->oAuth2AuthUserRepository->findOneBySsoUserId($ssoUser->getId());
         }

src/HttpClient/OAuth2HttpClient.php

@@ -20,7 +20,7 @@
 
 final class OAuth2HttpClient
 {
-    private const CLIENT_SERVICE_ACCESS_TOKEN_CACHE_KEY = 'sso_access_token_client_service';
+    private const string CLIENT_SERVICE_ACCESS_TOKEN_CACHE_KEY = 'sso_access_token_client_service';
 
     public function __construct(
         private readonly HttpClientInterface $client,
@@ -34,24 +34,20 @@ public function __construct(
      */
     public function requestAccessTokenByAuthCode(string $code): AccessTokenDto
     {
-        $accessToken = $this->sendTokenRequest($this->configuration->getSsoAccessTokenUrl(), [
+        return $this->sendTokenRequest($this->configuration->getSsoAccessTokenUrl(), [
             'grant_type' => 'authorization_code',
             'code' => $code,
             'client_id' => $this->configuration->getSsoClientId(),
             'client_secret' => $this->configuration->getSsoClientSecret(),
             'redirect_uri' => $this->configuration->getSsoRedirectUrl(),
         ]);
-
-        $this->storeAccessTokenToCache($this->getAccessTokenCacheItem(), $accessToken);
-
-        return $accessToken;
     }
 
     /**
      * @throws UnsuccessfulAccessTokenRequestException
      * @throws UnsuccessfulUserInfoRequestException
      */
-    public function getSsoUserInfo(?string $id = null): SsoUserDto
+    public function getSsoUserInfo(string $id): SsoUserDto
     {
         try {
             $response = $this->client->request(
@@ -70,6 +66,28 @@ public function getSsoUserInfo(?string $id = null): SsoUserDto
         }
     }
 
+    /**
+     * @throws UnsuccessfulUserInfoRequestException
+     */
+    public function getCurrentSsoUserInfo(AccessTokenDto $token): SsoUserDto
+    {
+        try {
+            $response = $this->client->request(
+                method: Request::METHOD_GET,
+                url: $this->configuration->getSsoUserInfoUrl(),
+                options: [
+                    'auth_bearer' => $token->getAccessToken(),
+                ]
+            );
+
+            return $this->serializer->deserialize($response->getContent(), $this->configuration->getSsoUserInfoClass());
+        } catch (ExceptionInterface $exception) {
+            throw UnsuccessfulUserInfoRequestException::create('User info request failed!', $exception);
+        } catch (SerializerException $exception) {
+            throw UnsuccessfulUserInfoRequestException::create('User info response deserialization failed!', $exception);
+        }
+    }
+
     public function getSsoUserInfoByEmail(string $email): SsoUserDto
     {
         try {