Fixed ordering so we only hash after base64 encoding

Andrew Millington
2017-12-23 02:06:18 +00:00
parent f11e4c81cd
commit 1c36b70dab
2 changed files with 2 additions and 2 deletions


@@ -144,7 +144,7 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
case 'S256':
if (
hash_equals(
strtr(rtrim(base64_encode(hash('sha256', $codeVerifier)), '='), '+/', '-_'),
hash('sha256', strtr(rtrim(base64_encode($codeVerifier), '='), '+/', '-_')),
$authCodePayload->code_challenge
) === false
) {
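Review bot: The S256 branch does not compute the RFC 7636 transform, which is BASE64URL(SHA256(code_verifier)) over the raw digest bytes: the `hash('sha256', strtr(rtrim(base64_encode($codeVerifier), '='), '+/', '-_'))` line (the new side, going by the commit title) hashes the base64url-encoded verifier and compares a hex digest, while the other variant base64-encodes the hex string that `hash()` returns by default. A challenge produced by a conforming client would then fail `hash_equals()`, so PKCE would only interoperate with clients that copy this nonstandard encoding. The first argument should be `strtr(rtrim(base64_encode(hash('sha256', $codeVerifier, true)), '='), '+/', '-_'),`, where the third `hash()` argument requests raw output. A test using the RFC 7636 Appendix B verifier/challenge pair would pin this down; the enclosing `switch` and `if` start and end outside the hunk.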