Fix #231

2025-05-31 14:12:07 +05:30 · 2014-11-08 16:44:39 +00:00
parent 856051bfb3
commit b9debaab26
7 changed files with 80 additions and 5 deletions
--- a/src/ResourceServer.php
+++ b/src/ResourceServer.php
@@ -99,10 +99,17 @@ class ResourceServer extends AbstractServer
        // Set the access token
        $this->accessToken = $this->getAccessTokenStorage()->get($accessTokenString);

+        // Ensure the access token exists
        if (!$this->accessToken instanceof AccessTokenEntity) {
            throw new Exception\AccessDeniedException;
        }

+        // Check the access token hasn't expired
+        // Ensure the auth code hasn't expired
+        if ($this->accessToken->isExpired() === true) {
+            throw new Exception\AccessDeniedException;
+        }
+
        return true;
    }