Magento 2.4.4 support

[jeroen-hso]

We are upgrading to Magento 2.4.4 and authorization is not working in staging environment. Is this related to #86? Is there a workaround to use this package with Magento 2.4.4?

Thanks in advance for your help.

[ahinkle]

What errors are you getting?

[jeroen-hso]

401 Unauthorized

array:2 [▼
"message" => "User is not authorized to %resources"
"parameters" => array:1 [▼
"resources" => "Magento_Catalog::products"
]
]

More information:
https://developer.adobe.com/commerce/webapi/get-started/authentication/gs-authentication-token/

In previous versions of Commerce, the access token could be used on its own for token-based authentication. This behavior has been disabled by default due to the security implications of a never-expiring access token. Namely, if the access token is compromised it provides undetected persistent access to a store.

[ahinkle]

ha, darn how unfortunate. classic Magento changing things up. I'm open to PRs but likely this will be tough because of the authenticators and the tokens. In this package, they are in a persistent config state vs. now they are dynamic on request. It's also important that we allow legacy (token-based) authentication as well.

To be frank, this is unfortunate to hear as BigCommerce, Shopify, and other major eCommerce platforms are still rolling with token-based authentication.

[jeroen-hso]

I'm not so skilled to create the additional coding for this. I will use this workaround for now:

However, while it is not recommended, this behavior can be restored in the Admin by setting the Stores > Configuration > Services > OAuth > Consumer Settings > Allow OAuth Access Tokens to be used as standalone Bearer tokens option to Yes.