From b069ec630d64355c9776e14c1b8ad0ae7f08feea Mon Sep 17 00:00:00 2001
From: ErickSkrauch <erickskrauch@yandex.ru>
Date: Sun, 5 Feb 2017 15:26:44 +0300
Subject: [PATCH] =?UTF-8?q?=D0=98=D1=81=D0=BF=D1=80=D0=B0=D0=B2=D0=BB?=
 =?UTF-8?q?=D0=B5=D0=BD=D0=B0=20=D0=BE=D1=88=D0=B8=D0=B1=D0=BA=D0=B0=20?=
 =?UTF-8?q?=D0=BF=D1=80=D0=B8=20=D0=BF=D0=BE=D0=BF=D1=8B=D1=82=D0=BA=D0=B5?=
 =?UTF-8?q?=20=D1=80=D0=B5=D1=84=D1=80=D0=B5=D1=88=D0=BD=D1=83=D1=82=D1=8C?=
 =?UTF-8?q?=20=D0=BD=D0=B5=D1=81=D1=83=D1=89=D0=B5=D1=81=D1=82=D0=B2=D1=83?=
 =?UTF-8?q?=D1=8E=D1=89=D0=B8=D0=B9=20oauth=20refresh=20token?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../OAuth2/Storage/RefreshTokenStorage.php           |  3 +++
 .../api/functional/OauthRefreshTokenCest.php         | 12 ++++++++++++
 2 files changed, 15 insertions(+)

diff --git a/api/components/OAuth2/Storage/RefreshTokenStorage.php b/api/components/OAuth2/Storage/RefreshTokenStorage.php
index 2321e76..c1acfe6 100644
--- a/api/components/OAuth2/Storage/RefreshTokenStorage.php
+++ b/api/components/OAuth2/Storage/RefreshTokenStorage.php
@@ -18,6 +18,9 @@ class RefreshTokenStorage extends AbstractStorage implements RefreshTokenInterfa
 
     public function get($token) {
         $result = Json::decode((new Key($this->dataTable, $token))->getValue());
+        if ($result === null) {
+            return null;
+        }
 
         $entity = new RefreshTokenEntity($this->server);
         $entity->setId($result['id']);
diff --git a/tests/codeception/api/functional/OauthRefreshTokenCest.php b/tests/codeception/api/functional/OauthRefreshTokenCest.php
index 47e5e47..7e13680 100644
--- a/tests/codeception/api/functional/OauthRefreshTokenCest.php
+++ b/tests/codeception/api/functional/OauthRefreshTokenCest.php
@@ -16,6 +16,18 @@ class OauthRefreshTokenCest {
         $this->route = new OauthRoute($I);
     }
 
+    public function testInvalidRefreshToken(OauthSteps $I) {
+        $this->route->issueToken($this->buildParams(
+            'some-invalid-refresh-token',
+            'ely',
+            'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM'
+        ));
+        $I->canSeeResponseContainsJson([
+            'error' => 'invalid_request',
+            'message' => 'The refresh token is invalid.',
+        ]);
+    }
+
     public function testRefreshToken(OauthSteps $I) {
         $refreshToken = $I->getRefreshToken();
         $this->route->issueToken($this->buildParams(