ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2024-12-26 15:00:19 +05:30
Code Issues Packages Projects Releases Wiki Activity

Access denied on token expiry (or value before nbf/not before) - issue #506

Browse Source
This commit is contained in:
Adam McCann 2016-03-31 18:50:36 +01:00
parent 9533595394
commit 8f69f4f9a9
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/AuthorizationValidators/BearerTokenValidator.php
View File

@ -3,6 +3,7 @@
namespace League\OAuth2\Server\AuthorizationValidators; namespace League\OAuth2\Server\AuthorizationValidators;
use Lcobucci\JWT\Parser; use Lcobucci\JWT\Parser;
use Lcobucci\JWT\ValidationData;
use Lcobucci\JWT\Signer\Rsa\Sha256; use Lcobucci\JWT\Signer\Rsa\Sha256;
use League\OAuth2\Server\CryptTrait; use League\OAuth2\Server\CryptTrait;
use League\OAuth2\Server\Exception\OAuthServerException; use League\OAuth2\Server\Exception\OAuthServerException;
@ -47,6 +48,14 @@ class BearerTokenValidator implements AuthorizationValidatorInterface
throw OAuthServerException::accessDenied('Access token could not be verified'); throw OAuthServerException::accessDenied('Access token could not be verified');
} }
// validate
$data = new ValidationData();
$data->setCurrentTime(time());
if ($token->validate($data) === false) {
throw OAuthServerException::accessDenied('Access token is invalid');
}
// Check if token has been revoked // Check if token has been revoked
if ($this->accessTokenRepository->isAccessTokenRevoked($token->getClaim('jti'))) { if ($this->accessTokenRepository->isAccessTokenRevoked($token->getClaim('jti'))) {
throw OAuthServerException::accessDenied('Access token has been revoked'); throw OAuthServerException::accessDenied('Access token has been revoked');