Set the scope parameter to not be required by default. Fixes #43

2025-05-31 14:12:07 +05:30 · 2013-05-09 10:02:41 -07:00
parent c3b41a5e8a
commit ddefb2ee16
3 changed files with 5 additions and 4 deletions
--- a/src/League/OAuth2/Server/Authorization.php
+++ b/src/League/OAuth2/Server/Authorization.php
@@ -59,10 +59,10 @@ class Authorization
     * Require the "scope" parameter to be in checkAuthoriseParams()
     * @var boolean
     */
-    protected $requireScopeParam = true;
+    protected $requireScopeParam = false;

    /**
-     * Default scope to be used if none is provided and requireScopeParam is false
+     * Default scope to be used if none is provided
     * @var string
     */
    protected $defaultScope = null;
@@ -271,7 +271,7 @@ class Authorization
     * @param  boolean $require
     * @return void
     */
-    public function requireScopeParam($require = true)
+    public function requireScopeParam($require = false)
    {
        $this->requireScopeParam = $require;
    }
--- a/src/League/OAuth2/Server/Grant/AuthCode.php
+++ b/src/League/OAuth2/Server/Grant/AuthCode.php
@@ -152,7 +152,7 @@ class AuthCode implements GrantTypeInterface {
            if ($scopes[$i] === '') unset($scopes[$i]); // Remove any junk scopes
        }

-        if ($this->authServer->scopeParamRequired() === true && count($scopes) === 0) {
+        if ($this->authServer->scopeParamRequired() === true && $this->authServer->getDefaultScope() === null && count($scopes) === 0) {
            throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'scope'), 0);
        } elseif (count($scopes) === 0 && $this->authServer->getDefaultScope()) {
            $scopes = array($this->authServer->getDefaultScope());