Remove getScopes function and use validateScopes instead

2024-11-23 05:33:06 +05:30 · 2018-10-13 16:11:44 +01:00 · 2018-10-13 16:11:44 +01:00 · 322b55eddf
commit 322b55eddf
parent 50ab9dd8ac
2 changed files with 19 additions and 31 deletions
--- a/src/Grant/AbstractGrant.php
+++ b/src/Grant/AbstractGrant.php
@ -242,13 +242,13 @@ abstract class AbstractGrant implements GrantTypeInterface
     */
    public function validateScopes($scopes, $redirectUri = null)
    {
-        $scopesList = array_filter(explode(self::SCOPE_DELIMITER_STRING, trim($scopes)), function ($scope) {
-            return !empty($scope);
-        });
+        if (!is_array($scopes)) {
+            $scopes = $this->convertScopesQueryStringToArray($scopes);
+        }

        $validScopes = [];

-        foreach ($scopesList as $scopeItem) {
+        foreach ($scopes as $scopeItem) {
            $scope = $this->scopeRepository->getScopeEntityByIdentifier($scopeItem);

            if ($scope instanceof ScopeEntityInterface === false) {
@ -261,6 +261,20 @@ abstract class AbstractGrant implements GrantTypeInterface
        return $validScopes;
    }

+    /**
+     * Converts a scopes query string to an array to easily iterate for validation.
+     *
+     * @param string $scopes
+     *
+     * @return array
+     */
+    private function convertScopesQueryStringToArray($scopes)
+    {
+        return array_filter(explode(self::SCOPE_DELIMITER_STRING, trim($scopes)), function ($scope) {
+            return !empty($scope);
+        });
+    }
+
    /**
     * Retrieve request parameter.
     *
--- a/src/Grant/AuthCodeGrant.php
+++ b/src/Grant/AuthCodeGrant.php
@ -86,7 +86,7 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
            $this->validateAuthorizationCode($authCodePayload, $client, $request);

            $scopes = $this->scopeRepository->finalizeScopes(
-                $this->getScopes($authCodePayload),
+                $this->validateScopes($authCodePayload->scopes),
                $this->getIdentifier(),
                $client,
                $authCodePayload->user_id
@ -194,32 +194,6 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
        }
    }

-    /**
-     * Get scopes from the auth code payload.
-     *
-     * @param \stdClass $authCodePayload
-     *
-     * @return array
-     */
-    private function getScopes($authCodePayload)
-    {
-        $scopes = [];
-
-        foreach ($authCodePayload->scopes as $scopeId) {
-            $scope = $this->scopeRepository->getScopeEntityByIdentifier($scopeId);
-
-            if ($scope instanceof ScopeEntityInterface === false) {
-                // @codeCoverageIgnoreStart
-                throw OAuthServerException::invalidScope($scopeId);
-                // @codeCoverageIgnoreEnd
-            }
-
-            $scopes[] = $scope;
-        }
-
-        return $scopes;
-    }
-
    /**
     * Return the grant identifier that can be used in matching up requests.
     *