mirror of
https://github.com/elyby/accounts.git
synced 2024-11-09 06:02:39 +05:30
Fix redirect_uri validation for the AuthCodeGrant
This commit is contained in:
parent
a8e20a9775
commit
22d8971dc5
@ -9,7 +9,11 @@ use api\components\OAuth2\Repositories\PublicScopeRepository;
|
|||||||
use DateInterval;
|
use DateInterval;
|
||||||
use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
|
use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
|
||||||
use League\OAuth2\Server\Entities\ClientEntityInterface;
|
use League\OAuth2\Server\Entities\ClientEntityInterface;
|
||||||
|
use League\OAuth2\Server\Exception\OAuthServerException;
|
||||||
use League\OAuth2\Server\Grant\AuthCodeGrant as BaseAuthCodeGrant;
|
use League\OAuth2\Server\Grant\AuthCodeGrant as BaseAuthCodeGrant;
|
||||||
|
use League\OAuth2\Server\RequestEvent;
|
||||||
|
use Psr\Http\Message\ServerRequestInterface;
|
||||||
|
use yii\helpers\StringHelper;
|
||||||
|
|
||||||
class AuthCodeGrant extends BaseAuthCodeGrant {
|
class AuthCodeGrant extends BaseAuthCodeGrant {
|
||||||
use CryptTrait;
|
use CryptTrait;
|
||||||
@ -40,4 +44,20 @@ class AuthCodeGrant extends BaseAuthCodeGrant {
|
|||||||
return parent::issueAccessToken($accessTokenTTL, $client, $userIdentifier, $scopes);
|
return parent::issueAccessToken($accessTokenTTL, $client, $userIdentifier, $scopes);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
protected function validateRedirectUri(
|
||||||
|
string $redirectUri,
|
||||||
|
ClientEntityInterface $client,
|
||||||
|
ServerRequestInterface $request
|
||||||
|
): void {
|
||||||
|
$allowedRedirectUris = (array)$client->getRedirectUri();
|
||||||
|
foreach ($allowedRedirectUris as $allowedRedirectUri) {
|
||||||
|
if (StringHelper::startsWith($redirectUri, $allowedRedirectUri)) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
|
||||||
|
throw OAuthServerException::invalidClient($request);
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user