ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2024-11-15 01:36:02 +05:30
Code Issues Packages Projects Releases Wiki Activity

Reinstate check on client redirect URI to fail if multiple redirect URIs have been listed for the client and one has not been specified in the auth request

Browse Source
This commit is contained in:
Andrew Millington 2018-02-11 20:10:01 +00:00
parent b3cd73cac7
commit 5fb9fc929a
2 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/Grant/AuthCodeGrant.php
View File

@ -240,7 +240,8 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
$this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
throw OAuthServerException::invalidClient();
}
} elseif (empty($client->getRedirectUri())) {
} elseif (is_array($client->getRedirectUri()) && count($client->getRedirectUri()) !== 1
|| empty($client->getRedirectUri())) {
$this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
throw OAuthServerException::invalidClient();
} else {

3
src/Grant/ImplicitGrant.php
View File

@ -149,7 +149,8 @@ class ImplicitGrant extends AbstractAuthorizeGrant
$this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
throw OAuthServerException::invalidClient();
}
} elseif (empty($client->getRedirectUri())) {
} elseif (is_array($client->getRedirectUri()) && count($client->getRedirectUri()) !== 1
|| empty($client->getRedirectUri())) {
$this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
throw OAuthServerException::invalidClient();
} else {