Making client secret optional during refresh and access token requsets.

This commit is contained in:
Jerry Saravia 2015-09-03 22:50:35 -04:00
parent 31e5f4d33c
commit d88e01c7dd
2 changed files with 63 additions and 4 deletions

View File

@ -60,6 +60,14 @@ class AuthCodeGrant extends AbstractGrant
*/
protected $authTokenTTL = 600;
/**
* Whether to require the client secret when
* completing the flow.
*
* @var boolean
*/
protected $requireClientSecret = true;
/**
* Override the default access token expire time
*
@ -72,6 +80,27 @@ class AuthCodeGrant extends AbstractGrant
$this->authTokenTTL = $authTokenTTL;
}
/**
*
* @param bool $required True to require client secret during access
* token request. False if not. Default = true
*/
public function setRequireClientSecret($required)
{
$this->requireClientSecret = $required;
}
/**
* True if client secret is required during
* access token request. False if it isn't.
*
* @return bool
*/
public function shouldRequireClientSecret()
{
return $this->requireClientSecret;
}
/**
* Check authorize parameters
*
@ -184,7 +213,7 @@ class AuthCodeGrant extends AbstractGrant
$clientSecret = $this->server->getRequest()->request->get('client_secret',
$this->server->getRequest()->getPassword());
if (is_null($clientSecret)) {
if ($this->shouldRequireClientSecret() && is_null($clientSecret)) {
throw new Exception\InvalidRequestException('client_secret');
}
@ -271,4 +300,4 @@ class AuthCodeGrant extends AbstractGrant
return $this->server->getTokenType()->generateResponse();
}
}
}

View File

@ -42,6 +42,14 @@ class RefreshTokenGrant extends AbstractGrant
*/
protected $refreshTokenRotate = true;
/**
* Whether to require the client secret when
* completing the flow.
*
* @var boolean
*/
protected $requireClientSecret = true;
/**
* Set the TTL of the refresh token
*
@ -83,6 +91,28 @@ class RefreshTokenGrant extends AbstractGrant
return $this->refreshTokenRotate;
}
/**
*
* @param bool $required True to require client secret during access
* token request. False if not. Default = true
*/
public function setRequireClientSecret($required)
{
$this->requireClientSecret = $required;
}
/**
* True if client secret is required during
* access token request. False if it isn't.
*
* @return bool
*/
public function shouldRequireClientSecret()
{
return $this->requireClientSecret;
}
/**
* {@inheritdoc}
*/
@ -95,7 +125,7 @@ class RefreshTokenGrant extends AbstractGrant
$clientSecret = $this->server->getRequest()->request->get('client_secret',
$this->server->getRequest()->getPassword());
if (is_null($clientSecret)) {
if ($this->shouldRequireClientSecret() && is_null($clientSecret)) {
throw new Exception\InvalidRequestException('client_secret');
}
@ -190,4 +220,4 @@ class RefreshTokenGrant extends AbstractGrant
return $this->server->getTokenType()->generateResponse();
}
}
}