mirror of
https://github.com/elyby/oauth2-server.git
synced 2024-12-24 22:19:58 +05:30
Fix #837
Unifies how we fetch the client_id from the request and allows us to throw a more appropriate exception when the client_id parameter is missing. Improves the test method for this validation by checking the culpable method in this particular case. The test was missing this by calling the wrong method.
parent
e24964af07
commit
6723aadfe8
@ -196,6 +196,27 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
|
||||
return 'authorization_code';
|
||||
}
|
||||
|
||||
/**
|
||||
* Fetch the client_id parameter from the query string.
|
||||
*
|
||||
* @return string
|
||||
* @throws OAuthServerException
|
||||
*/
|
||||
protected function getClientIdFromRequest($request)
|
||||
{
|
||||
$clientId = $this->getQueryStringParameter(
|
||||
'client_id',
|
||||
$request,
|
||||
$this->getServerParameter('PHP_AUTH_USER', $request)
|
||||
);
|
||||
|
||||
if (is_null($clientId)) {
|
||||
throw OAuthServerException::invalidRequest('client_id');
|
||||
}
|
||||
|
||||
return $clientId;
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
@ -204,7 +225,7 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
|
||||
return (
|
||||
array_key_exists('response_type', $request->getQueryParams())
|
||||
&& $request->getQueryParams()['response_type'] === 'code'
|
||||
&& isset($request->getQueryParams()['client_id'])
|
||||
&& null !== $this->getClientIdFromRequest($request)
|
||||
);
|
||||
}
|
||||
|
||||
@ -213,14 +234,7 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
|
||||
*/
|
||||
public function validateAuthorizationRequest(ServerRequestInterface $request)
|
||||
{
|
||||
$clientId = $this->getQueryStringParameter(
|
||||
'client_id',
|
||||
$request,
|
||||
$this->getServerParameter('PHP_AUTH_USER', $request)
|
||||
);
|
||||
if (is_null($clientId)) {
|
||||
throw OAuthServerException::invalidRequest('client_id');
|
||||
}
|
||||
$clientId = $this->getClientIdFromRequest($request);
|
||||
|
||||
$client = $this->clientRepository->getClientEntity(
|
||||
$clientId,
|
||||
|
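Review bot: In `canRespondToAuthorizationRequest` the new operand `null !== $this->getClientIdFromRequest($request)` can never be false, because the helper throws `OAuthServerException::invalidRequest('client_id')` instead of returning null. A request with `response_type=code` and no client_id therefore makes this predicate throw rather than return false, and through the helper's `PHP_AUTH_USER` fallback the predicate now also accepts a client_id taken from HTTP Basic credentials, where the old `isset(...)` required the query parameter. If throwing is intended, document it on the method with `@throws OAuthServerException` and add `@param ServerRequestInterface $request` to the helper's docblock. Separately, the helper's `@return string` is not enforced: whether `getQueryStringParameter` can hand back a non-string (for example an array-valued query parameter) is not visible here, so consider `if (!is_string($clientId)) { throw OAuthServerException::invalidRequest('client_id'); }` before the value reaches `getClientEntity`. Both `canRespondToAuthorizationRequest` and `validateAuthorizationRequest` extend beyond the hunks shown.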
@ -335,7 +335,7 @@ class AuthCodeGrantTest extends TestCase
|
||||
]
|
||||
);
|
||||
|
||||
$grant->validateAuthorizationRequest($request);
|
||||
$grant->canRespondToAuthorizationRequest($request);
|
||||
}
|
||||
|
||||
/**
|
||||
|
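Review bot: Swapping `$grant->validateAuthorizationRequest($request);` for `$grant->canRespondToAuthorizationRequest($request);` leaves the missing-client_id path of `validateAuthorizationRequest` without a direct test in this hunk, even though that is the method that passes the client_id on to `clientRepository->getClientEntity`. Unless a test outside this hunk already covers it, keep a sibling test that sends the same request to `validateAuthorizationRequest` and expects the same exception, so both entry points of the shared helper stay pinned. The test method starts outside the hunk, so its name and expected exception are not visible here; a comment such as `// client_id is missing from the request, so the grant must throw instead of answering` above the call would record the intent.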