mirror of
https://github.com/elyby/oauth2-server.git
synced 2024-11-15 09:47:46 +05:30
Making client secret optional during refresh and access token requsets.
This commit is contained in:
parent
31e5f4d33c
commit
d88e01c7dd
@ -60,6 +60,14 @@ class AuthCodeGrant extends AbstractGrant
|
||||
*/
|
||||
protected $authTokenTTL = 600;
|
||||
|
||||
/**
|
||||
* Whether to require the client secret when
|
||||
* completing the flow.
|
||||
*
|
||||
* @var boolean
|
||||
*/
|
||||
protected $requireClientSecret = true;
|
||||
|
||||
/**
|
||||
* Override the default access token expire time
|
||||
*
|
||||
@ -72,6 +80,27 @@ class AuthCodeGrant extends AbstractGrant
|
||||
$this->authTokenTTL = $authTokenTTL;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @param bool $required True to require client secret during access
|
||||
* token request. False if not. Default = true
|
||||
*/
|
||||
public function setRequireClientSecret($required)
|
||||
{
|
||||
$this->requireClientSecret = $required;
|
||||
}
|
||||
|
||||
/**
|
||||
* True if client secret is required during
|
||||
* access token request. False if it isn't.
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
public function shouldRequireClientSecret()
|
||||
{
|
||||
return $this->requireClientSecret;
|
||||
}
|
||||
|
||||
/**
|
||||
* Check authorize parameters
|
||||
*
|
||||
@ -184,7 +213,7 @@ class AuthCodeGrant extends AbstractGrant
|
||||
|
||||
$clientSecret = $this->server->getRequest()->request->get('client_secret',
|
||||
$this->server->getRequest()->getPassword());
|
||||
if (is_null($clientSecret)) {
|
||||
if ($this->shouldRequireClientSecret() && is_null($clientSecret)) {
|
||||
throw new Exception\InvalidRequestException('client_secret');
|
||||
}
|
||||
|
||||
@ -271,4 +300,4 @@ class AuthCodeGrant extends AbstractGrant
|
||||
|
||||
return $this->server->getTokenType()->generateResponse();
|
||||
}
|
||||
}
|
||||
}
|
@ -42,6 +42,14 @@ class RefreshTokenGrant extends AbstractGrant
|
||||
*/
|
||||
protected $refreshTokenRotate = true;
|
||||
|
||||
/**
|
||||
* Whether to require the client secret when
|
||||
* completing the flow.
|
||||
*
|
||||
* @var boolean
|
||||
*/
|
||||
protected $requireClientSecret = true;
|
||||
|
||||
/**
|
||||
* Set the TTL of the refresh token
|
||||
*
|
||||
@ -83,6 +91,28 @@ class RefreshTokenGrant extends AbstractGrant
|
||||
return $this->refreshTokenRotate;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @param bool $required True to require client secret during access
|
||||
* token request. False if not. Default = true
|
||||
*/
|
||||
public function setRequireClientSecret($required)
|
||||
{
|
||||
$this->requireClientSecret = $required;
|
||||
}
|
||||
|
||||
/**
|
||||
* True if client secret is required during
|
||||
* access token request. False if it isn't.
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
public function shouldRequireClientSecret()
|
||||
{
|
||||
return $this->requireClientSecret;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
@ -95,7 +125,7 @@ class RefreshTokenGrant extends AbstractGrant
|
||||
|
||||
$clientSecret = $this->server->getRequest()->request->get('client_secret',
|
||||
$this->server->getRequest()->getPassword());
|
||||
if (is_null($clientSecret)) {
|
||||
if ($this->shouldRequireClientSecret() && is_null($clientSecret)) {
|
||||
throw new Exception\InvalidRequestException('client_secret');
|
||||
}
|
||||
|
||||
@ -190,4 +220,4 @@ class RefreshTokenGrant extends AbstractGrant
|
||||
|
||||
return $this->server->getTokenType()->generateResponse();
|
||||
}
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user