ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2024-11-15 09:47:46 +05:30
Code Issues Packages Projects Releases Wiki Activity

If scope parameter is required and there are not requested scopes AND there is no default scope set then fail

Browse Source 
Should have been included in with previous commit
This commit is contained in:
Alex Bilbie 2013-05-09 10:06:26 -07:00
parent ddefb2ee16
commit 351c2e97ea
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/League/OAuth2/Server/Grant/ClientCredentials.php
View File

@ -122,7 +122,7 @@ class ClientCredentials implements GrantTypeInterface {
if ($scopes[$i] === '') unset($scopes[$i]); // Remove any junk scopes if ($scopes[$i] === '') unset($scopes[$i]); // Remove any junk scopes
} }
if ($this->authServer->scopeParamRequired() === true && count($scopes) === 0) { if ($this->authServer->scopeParamRequired() === true && $this->authServer->getDefaultScope() === null && count($scopes) === 0) {
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'scope'), 0); throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'scope'), 0);
} elseif (count($scopes) === 0 && $this->authServer->getDefaultScope()) { } elseif (count($scopes) === 0 && $this->authServer->getDefaultScope()) {
$scopes = array($this->authServer->getDefaultScope()); $scopes = array($this->authServer->getDefaultScope());

2
src/League/OAuth2/Server/Grant/Password.php
View File

@ -166,7 +166,7 @@ class Password implements GrantTypeInterface {
if ($scopes[$i] === '') unset($scopes[$i]); // Remove any junk scopes if ($scopes[$i] === '') unset($scopes[$i]); // Remove any junk scopes
} }
if ($this->authServer->scopeParamRequired() === true && count($scopes) === 0) { if ($this->authServer->scopeParamRequired() === true && $this->authServer->getDefaultScope() === null && count($scopes) === 0) {
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'scope'), 0); throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'scope'), 0);
} elseif (count($scopes) === 0 && $this->authServer->getDefaultScope()) { } elseif (count($scopes) === 0 && $this->authServer->getDefaultScope()) {
$scopes = array($this->authServer->getDefaultScope()); $scopes = array($this->authServer->getDefaultScope());