Reworked newAuthoriseRequest method so that it always creates a new session (and removes any existing sessions)

Alex Bilbie 2012-07-25 12:03:25 +01:00
parent 17ce8b97d8
commit 411cab1734


@ -201,43 +201,23 @@ maintenance of the server.'
*/ */
public function newAuthoriseRequest($type, $typeId, $authoriseParams) public function newAuthoriseRequest($type, $typeId, $authoriseParams)
{ {
// Check if the user already has an access token // Remove any old sessions the user might have
$accessToken = $this->db->hasAccessToken($type, $typeId, $this->db->deleteSession(
$authoriseParams['client_id']); $authoriseParams['client_id'],
$type,
$typeId
);
if ($accessToken !== false) { // Create the new auth code
$authCode = $this->newAuthCode(
// Validate the access token matches the scopes requested $authoriseParams['client_id'],
$originalScopes = $this->db->accessTokenScopes($accessToken); 'user',
$typeId,
foreach ($authoriseParams['scopes'] as $scope) { $authoriseParams['redirect_uri'],
$authoriseParams['scopes']
if ( ! in_array($scope, $originalScopes)) { );
throw new OAuthServerClientException(
$this->errors['invalid_scope'], 4);
}
}
// The user has authorised the client so generate a new
// authorisation code and return it
$authCode = $this->newAuthCode($authoriseParams['client_id'],
'user', $typeId, $authoriseParams['redirect_uri'],
$authoriseParams['scopes'], $accessToken);
return $authCode; return $authCode;
} else {
$authCode = $this->newAuthCode($authoriseParams['client_id'],
'user', $typeId, $authoriseParams['redirect_uri'],
$authoriseParams['scopes']);
return $authCode;
}
} }
/** /**
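Review bot: The new `deleteSession()` call is keyed on `$type`, but the `newAuthCode()` call after it still passes the literal `'user'` in what appears to be the owner-type position, so whenever `$type` is not `'user'` the sessions removed would not be the ones being replaced. If that argument is the owner type, pass `$type` there too, so that revocation and creation target the same owner. The commit also removes the only scope check in this method, so `$authoriseParams['scopes']` now reaches `newAuthCode()` unchecked here; if validation happens upstream, a comment such as `// scopes are validated by the caller before this point` would record where. The return value of `deleteSession()` is ignored, so a failed delete would presumably leave the earlier session and its access token valid alongside the new code; checking the result and aborting before `newAuthCode()` would prevent that.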