ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2025-05-31 14:12:07 +05:30
Code Issues Packages Projects Releases Wiki Activity

Don't associate a scope with a session, we associate it with an access token later

Browse Source
This commit is contained in:
Alex Bilbie
2013-04-29 00:01:07 +01:00
parent a4715bfc3b
commit 351bec6019
1 changed files with 11 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/OAuth2/Grant/AuthCode.php
View File

@@ -157,11 +157,11 @@ class AuthCode implements GrantTypeInterface {
// Remove any old sessions the user might have
$this->authServer->getStorage('session')->deleteSession($authParams['client_id'], $type, $typeId);
// Associate scopes with the new session
// List of scopes IDs
$scopeIds = array();
foreach ($authParams['scopes'] as $scope)
{
$this->authServer->getStorage('session')->associateScope($sessionId, $scope['id']);
$scopeIds[] = $scope['id'];
}
// Create a new session
@@ -237,6 +237,14 @@ class AuthCode implements GrantTypeInterface {
$accessTokenExpires,
'granted'
);
// Associate scopes with the access token
if ( ! is_null($session['scope_ids'])) {
$scopeIds = explode(',', $session['scope_ids']);
foreach ($scopeIds as $scopeId) {
$this->authServer->getStorage('session')->associateScope($accessTokenId, $scopeId);
}
}
$response = array(
'access_token' => $accessToken,