mirror of
https://github.com/elyby/oauth2-server.git
synced 2024-12-16 18:19:47 +05:30
Don't associate a scope with a session, we associate it with an access token later
This commit is contained in:
parent
a4715bfc3b
commit
351bec6019
@ -157,11 +157,11 @@ class AuthCode implements GrantTypeInterface {
|
|||||||
// Remove any old sessions the user might have
|
// Remove any old sessions the user might have
|
||||||
$this->authServer->getStorage('session')->deleteSession($authParams['client_id'], $type, $typeId);
|
$this->authServer->getStorage('session')->deleteSession($authParams['client_id'], $type, $typeId);
|
||||||
|
|
||||||
|
// List of scopes IDs
|
||||||
// Associate scopes with the new session
|
$scopeIds = array();
|
||||||
foreach ($authParams['scopes'] as $scope)
|
foreach ($authParams['scopes'] as $scope)
|
||||||
{
|
{
|
||||||
$this->authServer->getStorage('session')->associateScope($sessionId, $scope['id']);
|
$scopeIds[] = $scope['id'];
|
||||||
}
|
}
|
||||||
|
|
||||||
// Create a new session
|
// Create a new session
|
||||||
@ -237,6 +237,14 @@ class AuthCode implements GrantTypeInterface {
|
|||||||
$accessTokenExpires,
|
$accessTokenExpires,
|
||||||
'granted'
|
'granted'
|
||||||
);
|
);
|
||||||
|
// Associate scopes with the access token
|
||||||
|
if ( ! is_null($session['scope_ids'])) {
|
||||||
|
$scopeIds = explode(',', $session['scope_ids']);
|
||||||
|
|
||||||
|
foreach ($scopeIds as $scopeId) {
|
||||||
|
$this->authServer->getStorage('session')->associateScope($accessTokenId, $scopeId);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
$response = array(
|
$response = array(
|
||||||
'access_token' => $accessToken,
|
'access_token' => $accessToken,
|
||||||
|
Loading…
Reference in New Issue
Block a user