mirror of
https://github.com/elyby/oauth2-server.git
synced 2025-05-31 14:12:07 +05:30
Compare commits
2 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
67509d1413 | ||
|
44f51bfc1c |
@@ -1,7 +1,7 @@
|
|||||||
{
|
{
|
||||||
"name": "league/oauth2-server",
|
"name": "league/oauth2-server",
|
||||||
"description": "A lightweight and powerful OAuth 2.0 authorization and resource server library with support for all the core specification grants. This library will allow you to secure your API with OAuth and allow your applications users to approve apps that want to access their data from your API.",
|
"description": "A lightweight and powerful OAuth 2.0 authorization and resource server library with support for all the core specification grants. This library will allow you to secure your API with OAuth and allow your applications users to approve apps that want to access their data from your API.",
|
||||||
"version": "2.1.1",
|
"version": "2.1.2",
|
||||||
"homepage": "https://github.com/php-loep/oauth2-server",
|
"homepage": "https://github.com/php-loep/oauth2-server",
|
||||||
"license": "MIT",
|
"license": "MIT",
|
||||||
"require": {
|
"require": {
|
||||||
|
@@ -183,7 +183,7 @@ class Resource
|
|||||||
|
|
||||||
$result = $this->storages['session']->validateAccessToken($accessToken);
|
$result = $this->storages['session']->validateAccessToken($accessToken);
|
||||||
|
|
||||||
if ( ! $result) {
|
if (! $result) {
|
||||||
throw new Exception\InvalidAccessTokenException('Access token is not valid');
|
throw new Exception\InvalidAccessTokenException('Access token is not valid');
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -225,7 +225,7 @@ class Resource
|
|||||||
return false;
|
return false;
|
||||||
} elseif (is_array($scopes)) {
|
} elseif (is_array($scopes)) {
|
||||||
foreach ($scopes as $scope) {
|
foreach ($scopes as $scope) {
|
||||||
if ( ! in_array($scope, $this->sessionScopes)) {
|
if (! in_array($scope, $this->sessionScopes)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -244,7 +244,15 @@ class Resource
|
|||||||
*/
|
*/
|
||||||
protected function determineAccessToken($headersOnly = false)
|
protected function determineAccessToken($headersOnly = false)
|
||||||
{
|
{
|
||||||
if ($header = $this->getRequest()->header('Authorization')) {
|
// Try to get it directly from a header
|
||||||
|
if (! $header = $this->getRequest()->header('Authorization')) {
|
||||||
|
|
||||||
|
// Failing that try getting it from a server variable
|
||||||
|
$header = $this->getRequest()->server('HTTP_AUTHORIZATION');
|
||||||
|
}
|
||||||
|
|
||||||
|
// One of them worked
|
||||||
|
if ($header) {
|
||||||
// Check for special case, because cURL sometimes does an
|
// Check for special case, because cURL sometimes does an
|
||||||
// internal second request and doubles the authorization header,
|
// internal second request and doubles the authorization header,
|
||||||
// which always resulted in an error.
|
// which always resulted in an error.
|
||||||
@@ -269,5 +277,4 @@ class Resource
|
|||||||
|
|
||||||
return $accessToken;
|
return $accessToken;
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
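Review bot: In `determineAccessToken`, the new fallback assigns inside a negated condition (`if (! $header = $this->getRequest()->header('Authorization'))`), which is easy to misread on the path that decides which credential the resource server accepts. I would split it into `$header = $this->getRequest()->header('Authorization');` followed by `if (! $header) { $header = $this->getRequest()->server('HTTP_AUTHORIZATION'); }`. The comment should also say when the fallback is expected to fire, e.g. `// Some server/SAPI setups do not expose Authorization through the header API; fall back to the server variable`, which appears to be the reason for the change but is not stated on the page. Both sources carry the same client-supplied value, so the doubled-header handling and token extraction further down must treat them identically; that code and the end of the function lie outside this hunk. A test with only `HTTP_AUTHORIZATION` set would pin the new branch.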