Update changelog for version 7.4.0

Merge pull request #1000 from filecage/master
Optional Refresh Tokens
2025-05-31 14:12:07 +05:30 · 2019-05-05 10:22:01 +01:00 · 2019-05-05 09:48:53 +01:00 · 2019-05-05 09:03:13 +01:00 · 2019-05-05 08:58:34 +01:00 · 2019-04-29 19:13:26 +02:00
16 changed files with 258 additions and 40 deletions
--- a/.styleci.yml
+++ b/.styleci.yml
@@ -41,7 +41,6 @@ enabled:
  - print_to_echo
  - short_array_syntax
  - short_scalar_cast
-  - simplified_null_return
  - single_quote
  - spaces_cast
  - standardize_not_equal
--- a/.travis.yml
+++ b/.travis.yml
@@ -15,6 +15,7 @@ php:
  - 7.0
  - 7.1
  - 7.2
+  - 7.3

 install:
  - composer update --no-interaction --prefer-dist $DEPENDENCIES
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,19 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.

 ## [Unreleased]

+## [7.4.0] - released 2019-05-05
+
+### Changed
+- RefreshTokenRepository can now return null, allowing refresh tokens to be optional. (PR #649)
+
+## [7.3.3] - released 2019-03-29
+
+### Added
+- Added `error_description` to the error payload to improve standards compliance. The contents of this are copied from the existing `message` value. (PR #1006)
+
+### Deprecated
+- Error payload will not issue `message` value in the next major release (PR #1006)
+
 ## [7.3.2] - released 2018-11-21

 ### Fixed
@@ -432,7 +445,9 @@ Version 5 is a complete code rewrite.

 - First major release

-[Unreleased]: https://github.com/thephpleague/oauth2-server/compare/7.3.2...HEAD
+[Unreleased]: https://github.com/thephpleague/oauth2-server/compare/7.4.0...HEAD
+[7.4.0]: https://github.com/thephpleague/oauth2-server/compare/7.3.3...7.4.0
+[7.3.3]: https://github.com/thephpleague/oauth2-server/compare/7.3.2...7.3.3
 [7.3.2]: https://github.com/thephpleague/oauth2-server/compare/7.3.1...7.3.2
 [7.3.1]: https://github.com/thephpleague/oauth2-server/compare/7.3.0...7.3.1
 [7.3.0]: https://github.com/thephpleague/oauth2-server/compare/7.2.0...7.3.0
--- a/README.md
+++ b/README.md
@@ -34,6 +34,7 @@ The following versions of PHP are supported:
 * PHP 7.0
 * PHP 7.1
 * PHP 7.2
+* PHP 7.3

 The `openssl` extension is also required.

@@ -69,6 +70,7 @@ We use [Travis CI](https://travis-ci.org/), [Scrutinizer](https://scrutinizer-ci
 * [Laravel Passport](https://github.com/laravel/passport)
 * [OAuth 2 Server for CakePHP 3](https://github.com/uafrica/oauth-server)
 * [OAuth 2 Server for Expressive](https://github.com/zendframework/zend-expressive-authentication-oauth2)
+* [Trikoder OAuth 2 Bundle (Symfony)](https://github.com/trikoder/oauth2-bundle)

 ## Changelog

--- a/src/Exception/OAuthServerException.php
+++ b/src/Exception/OAuthServerException.php
@@ -59,8 +59,8 @@ class OAuthServerException extends Exception
        $this->hint = $hint;
        $this->redirectUri = $redirectUri;
        $this->payload = [
-            'error'   => $errorType,
-            'message' => $message,
+            'error'             => $errorType,
+            'error_description' => $message,
        ];
        if ($hint !== null) {
            $this->payload['hint'] = $hint;
@@ -74,7 +74,15 @@ class OAuthServerException extends Exception
     */
    public function getPayload()
    {
-        return $this->payload;
+        $payload = $this->payload;
+
+        // The "message" property is deprecated and replaced by "error_description"
+        // TODO: remove "message" property
+        if (isset($payload['error_description']) && !isset($payload['message'])) {
+            $payload['message'] = $payload['error_description'];
+        }
+
+        return $payload;
    }

    /**
--- a/src/Grant/AbstractGrant.php
+++ b/src/Grant/AbstractGrant.php
@@ -472,16 +472,21 @@ abstract class AbstractGrant implements GrantTypeInterface
     * @throws OAuthServerException
     * @throws UniqueTokenIdentifierConstraintViolationException
     *
-     * @return RefreshTokenEntityInterface
+     * @return RefreshTokenEntityInterface|null
     */
    protected function issueRefreshToken(AccessTokenEntityInterface $accessToken)
    {
-        $maxGenerationAttempts = self::MAX_RANDOM_TOKEN_GENERATION_ATTEMPTS;
-
        $refreshToken = $this->refreshTokenRepository->getNewRefreshToken();
+
+        if ($refreshToken === null) {
+            return null;
+        }
+
        $refreshToken->setExpiryDateTime((new DateTime())->add($this->refreshTokenTTL));
        $refreshToken->setAccessToken($accessToken);

+        $maxGenerationAttempts = self::MAX_RANDOM_TOKEN_GENERATION_ATTEMPTS;
+
        while ($maxGenerationAttempts-- > 0) {
            $refreshToken->setIdentifier($this->generateUniqueIdentifier());
            try {
--- a/src/Grant/AuthCodeGrant.php
+++ b/src/Grant/AuthCodeGrant.php
@@ -145,17 +145,18 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
            }
        }

-        // Issue and persist access + refresh tokens
+        // Issue and persist new access token
        $accessToken = $this->issueAccessToken($accessTokenTTL, $client, $authCodePayload->user_id, $scopes);
+        $this->getEmitter()->emit(new RequestEvent(RequestEvent::ACCESS_TOKEN_ISSUED, $request));
+        $responseType->setAccessToken($accessToken);
+
+        // Issue and persist new refresh token if given
        $refreshToken = $this->issueRefreshToken($accessToken);

-        // Send events to emitter
-        $this->getEmitter()->emit(new RequestEvent(RequestEvent::ACCESS_TOKEN_ISSUED, $request));
-        $this->getEmitter()->emit(new RequestEvent(RequestEvent::REFRESH_TOKEN_ISSUED, $request));
-
-        // Inject tokens into response type
-        $responseType->setAccessToken($accessToken);
-        $responseType->setRefreshToken($refreshToken);
+        if ($refreshToken !== null) {
+            $this->getEmitter()->emit(new RequestEvent(RequestEvent::REFRESH_TOKEN_ISSUED, $request));
+            $responseType->setRefreshToken($refreshToken);
+        }

        // Revoke used auth code
        $this->authCodeRepository->revokeAuthCode($authCodePayload->auth_code_id);
--- a/src/Grant/PasswordGrant.php
+++ b/src/Grant/PasswordGrant.php
@@ -56,17 +56,18 @@ class PasswordGrant extends AbstractGrant
        // Finalize the requested scopes
        $finalizedScopes = $this->scopeRepository->finalizeScopes($scopes, $this->getIdentifier(), $client, $user->getIdentifier());

-        // Issue and persist new tokens
+        // Issue and persist new access token
        $accessToken = $this->issueAccessToken($accessTokenTTL, $client, $user->getIdentifier(), $finalizedScopes);
+        $this->getEmitter()->emit(new RequestEvent(RequestEvent::ACCESS_TOKEN_ISSUED, $request));
+        $responseType->setAccessToken($accessToken);
+
+        // Issue and persist new refresh token if given
        $refreshToken = $this->issueRefreshToken($accessToken);

-        // Send events to emitter
-        $this->getEmitter()->emit(new RequestEvent(RequestEvent::ACCESS_TOKEN_ISSUED, $request));
-        $this->getEmitter()->emit(new RequestEvent(RequestEvent::REFRESH_TOKEN_ISSUED, $request));
-
-        // Inject tokens into response
-        $responseType->setAccessToken($accessToken);
-        $responseType->setRefreshToken($refreshToken);
+        if ($refreshToken !== null) {
+            $this->getEmitter()->emit(new RequestEvent(RequestEvent::REFRESH_TOKEN_ISSUED, $request));
+            $responseType->setRefreshToken($refreshToken);
+        }

        return $responseType;
    }
--- a/src/Grant/RefreshTokenGrant.php
+++ b/src/Grant/RefreshTokenGrant.php
@@ -63,17 +63,18 @@ class RefreshTokenGrant extends AbstractGrant
        $this->accessTokenRepository->revokeAccessToken($oldRefreshToken['access_token_id']);
        $this->refreshTokenRepository->revokeRefreshToken($oldRefreshToken['refresh_token_id']);

-        // Issue and persist new tokens
+        // Issue and persist new access token
        $accessToken = $this->issueAccessToken($accessTokenTTL, $client, $oldRefreshToken['user_id'], $scopes);
+        $this->getEmitter()->emit(new RequestEvent(RequestEvent::ACCESS_TOKEN_ISSUED, $request));
+        $responseType->setAccessToken($accessToken);
+
+        // Issue and persist new refresh token if given
        $refreshToken = $this->issueRefreshToken($accessToken);

-        // Send events to emitter
-        $this->getEmitter()->emit(new RequestEvent(RequestEvent::ACCESS_TOKEN_ISSUED, $request));
-        $this->getEmitter()->emit(new RequestEvent(RequestEvent::REFRESH_TOKEN_ISSUED, $request));
-
-        // Inject tokens into response
-        $responseType->setAccessToken($accessToken);
-        $responseType->setRefreshToken($refreshToken);
+        if ($refreshToken !== null) {
+            $this->getEmitter()->emit(new RequestEvent(RequestEvent::REFRESH_TOKEN_ISSUED, $request));
+            $responseType->setRefreshToken($refreshToken);
+        }

        return $responseType;
    }
--- a/src/Repositories/RefreshTokenRepositoryInterface.php
+++ b/src/Repositories/RefreshTokenRepositoryInterface.php
@@ -20,7 +20,7 @@ interface RefreshTokenRepositoryInterface extends RepositoryInterface
    /**
     * Creates a new refresh token
     *
-     * @return RefreshTokenEntityInterface
+     * @return RefreshTokenEntityInterface|null
     */
    public function getNewRefreshToken();

--- a/tests/Grant/AbstractGrantTest.php
+++ b/tests/Grant/AbstractGrantTest.php
@@ -346,6 +346,27 @@ class AbstractGrantTest extends TestCase
        $this->assertEquals($accessToken, $refreshToken->getAccessToken());
    }

+    public function testIssueNullRefreshToken()
+    {
+        $refreshTokenRepoMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
+        $refreshTokenRepoMock
+            ->expects($this->once())
+            ->method('getNewRefreshToken')
+            ->willReturn(null);
+
+        /** @var AbstractGrant $grantMock */
+        $grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
+        $grantMock->setRefreshTokenTTL(new \DateInterval('PT1M'));
+        $grantMock->setRefreshTokenRepository($refreshTokenRepoMock);
+
+        $abstractGrantReflection = new \ReflectionClass($grantMock);
+        $issueRefreshTokenMethod = $abstractGrantReflection->getMethod('issueRefreshToken');
+        $issueRefreshTokenMethod->setAccessible(true);
+
+        $accessToken = new AccessTokenEntity();
+        $this->assertNull($issueRefreshTokenMethod->invoke($grantMock, $accessToken));
+    }
+
    public function testIssueAccessToken()
    {
        $accessTokenRepoMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
--- a/tests/Grant/AuthCodeGrantTest.php
+++ b/tests/Grant/AuthCodeGrantTest.php
@@ -644,6 +644,73 @@ class AuthCodeGrantTest extends TestCase
        $this->assertInstanceOf(RefreshTokenEntityInterface::class, $response->getRefreshToken());
    }

+    public function testRespondToAccessTokenRequestNullRefreshToken()
+    {
+        $client = new ClientEntity();
+        $client->setIdentifier('foo');
+        $client->setRedirectUri('http://foo/bar');
+        $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
+        $clientRepositoryMock->method('getClientEntity')->willReturn($client);
+
+        $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
+        $scopeEntity = new ScopeEntity();
+        $scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scopeEntity);
+        $scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
+
+        $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
+        $accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
+        $accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
+
+        $refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
+        $refreshTokenRepositoryMock->method('persistNewRefreshToken')->willReturnSelf();
+        $refreshTokenRepositoryMock->method('getNewRefreshToken')->willReturn(null);
+
+        $grant = new AuthCodeGrant(
+            $this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
+            $refreshTokenRepositoryMock,
+            new \DateInterval('PT10M')
+        );
+
+        $grant->setClientRepository($clientRepositoryMock);
+        $grant->setScopeRepository($scopeRepositoryMock);
+        $grant->setAccessTokenRepository($accessTokenRepositoryMock);
+        $grant->setEncryptionKey($this->cryptStub->getKey());
+
+        $request = new ServerRequest(
+            [],
+            [],
+            null,
+            'POST',
+            'php://input',
+            [],
+            [],
+            [],
+            [
+                'grant_type'   => 'authorization_code',
+                'client_id'    => 'foo',
+                'redirect_uri' => 'http://foo/bar',
+                'code'         => $this->cryptStub->doEncrypt(
+                    json_encode(
+                        [
+                            'auth_code_id' => uniqid(),
+                            'expire_time'  => time() + 3600,
+                            'client_id'    => 'foo',
+                            'user_id'      => 123,
+                            'scopes'       => ['foo'],
+                            'redirect_uri' => 'http://foo/bar',
+                        ]
+                    )
+                ),
+            ]
+        );
+
+        /** @var StubResponseType $response */
+        $response = $grant->respondToAccessTokenRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
+
+        $this->assertInstanceOf(AccessTokenEntityInterface::class, $response->getAccessToken());
+        $this->assertNull($response->getRefreshToken());
+    }
+
    public function testRespondToAccessTokenRequestCodeChallengePlain()
    {
        $client = new ClientEntity();
--- a/tests/Grant/ImplicitGrantTest.php
+++ b/tests/Grant/ImplicitGrantTest.php
@@ -285,7 +285,6 @@ class ImplicitGrantTest extends TestCase
        $accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();

        $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
-        $scopeEntity = new ScopeEntity();
        $scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);

        $grant = new ImplicitGrant(new \DateInterval('PT10M'));
@@ -313,7 +312,6 @@ class ImplicitGrantTest extends TestCase
        $accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();

        $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
-        $scopeEntity = new ScopeEntity();
        $scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);

        $grant = new ImplicitGrant(new \DateInterval('PT10M'));
@@ -339,7 +337,6 @@ class ImplicitGrantTest extends TestCase
        $accessTokenRepositoryMock->expects($this->at(1))->method('persistNewAccessToken')->willReturnSelf();

        $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
-        $scopeEntity = new ScopeEntity();
        $scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);

        $grant = new ImplicitGrant(new \DateInterval('PT10M'));
@@ -368,7 +365,6 @@ class ImplicitGrantTest extends TestCase
        $accessTokenRepositoryMock->method('persistNewAccessToken')->willThrowException(OAuthServerException::serverError('something bad happened'));

        $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
-        $scopeEntity = new ScopeEntity();
        $scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);

        $grant = new ImplicitGrant(new \DateInterval('PT10M'));
@@ -397,7 +393,6 @@ class ImplicitGrantTest extends TestCase
        $accessTokenRepositoryMock->method('persistNewAccessToken')->willThrowException(UniqueTokenIdentifierConstraintViolationException::create());

        $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
-        $scopeEntity = new ScopeEntity();
        $scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);

        $grant = new ImplicitGrant(new \DateInterval('PT10M'));
--- a/tests/Grant/PasswordGrantTest.php
+++ b/tests/Grant/PasswordGrantTest.php
@@ -78,6 +78,51 @@ class PasswordGrantTest extends TestCase
        $this->assertInstanceOf(RefreshTokenEntityInterface::class, $responseType->getRefreshToken());
    }

+    public function testRespondToRequestNullRefreshToken()
+    {
+        $client = new ClientEntity();
+        $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
+        $clientRepositoryMock->method('getClientEntity')->willReturn($client);
+
+        $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
+        $accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
+        $accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
+
+        $userRepositoryMock = $this->getMockBuilder(UserRepositoryInterface::class)->getMock();
+        $userEntity = new UserEntity();
+        $userRepositoryMock->method('getUserEntityByUserCredentials')->willReturn($userEntity);
+
+        $scope = new ScopeEntity();
+        $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
+        $scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scope);
+        $scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
+
+        $refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
+        $refreshTokenRepositoryMock->method('getNewRefreshToken')->willReturn(null);
+
+        $grant = new PasswordGrant($userRepositoryMock, $refreshTokenRepositoryMock);
+        $grant->setClientRepository($clientRepositoryMock);
+        $grant->setAccessTokenRepository($accessTokenRepositoryMock);
+        $grant->setScopeRepository($scopeRepositoryMock);
+        $grant->setDefaultScope(self::DEFAULT_SCOPE);
+
+        $serverRequest = new ServerRequest();
+        $serverRequest = $serverRequest->withParsedBody(
+            [
+                'client_id'     => 'foo',
+                'client_secret' => 'bar',
+                'username'      => 'foo',
+                'password'      => 'bar',
+            ]
+        );
+
+        $responseType = new StubResponseType();
+        $grant->respondToAccessTokenRequest($serverRequest, $responseType, new \DateInterval('PT5M'));
+
+        $this->assertInstanceOf(AccessTokenEntityInterface::class, $responseType->getAccessToken());
+        $this->assertNull($responseType->getRefreshToken());
+    }
+
    /**
     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
     */
--- a/tests/Grant/RefreshTokenGrantTest.php
+++ b/tests/Grant/RefreshTokenGrantTest.php
@@ -94,6 +94,63 @@ class RefreshTokenGrantTest extends TestCase
        $this->assertInstanceOf(RefreshTokenEntityInterface::class, $responseType->getRefreshToken());
    }

+    public function testRespondToRequestNullRefreshToken()
+    {
+        $client = new ClientEntity();
+        $client->setIdentifier('foo');
+
+        $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
+        $clientRepositoryMock->method('getClientEntity')->willReturn($client);
+
+        $scopeEntity = new ScopeEntity();
+        $scopeEntity->setIdentifier('foo');
+
+        $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
+        $scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scopeEntity);
+
+        $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
+        $accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
+        $accessTokenRepositoryMock->expects($this->once())->method('persistNewAccessToken')->willReturnSelf();
+
+        $refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
+        $refreshTokenRepositoryMock->method('getNewRefreshToken')->willReturn(null);
+        $refreshTokenRepositoryMock->expects($this->never())->method('persistNewRefreshToken');
+
+        $grant = new RefreshTokenGrant($refreshTokenRepositoryMock);
+        $grant->setClientRepository($clientRepositoryMock);
+        $grant->setScopeRepository($scopeRepositoryMock);
+        $grant->setAccessTokenRepository($accessTokenRepositoryMock);
+        $grant->setEncryptionKey($this->cryptStub->getKey());
+        $grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
+
+        $oldRefreshToken = $this->cryptStub->doEncrypt(
+            json_encode(
+                [
+                    'client_id'        => 'foo',
+                    'refresh_token_id' => 'zyxwvu',
+                    'access_token_id'  => 'abcdef',
+                    'scopes'           => ['foo'],
+                    'user_id'          => 123,
+                    'expire_time'      => time() + 3600,
+                ]
+            )
+        );
+
+        $serverRequest = new ServerRequest();
+        $serverRequest = $serverRequest->withParsedBody([
+            'client_id'     => 'foo',
+            'client_secret' => 'bar',
+            'refresh_token' => $oldRefreshToken,
+            'scopes'        => ['foo'],
+        ]);
+
+        $responseType = new StubResponseType();
+        $grant->respondToAccessTokenRequest($serverRequest, $responseType, new \DateInterval('PT5M'));
+
+        $this->assertInstanceOf(AccessTokenEntityInterface::class, $responseType->getAccessToken());
+        $this->assertNull($responseType->getRefreshToken());
+    }
+
    public function testRespondToReducedScopes()
    {
        $client = new ClientEntity();
--- a/tests/Middleware/AuthorizationServerMiddlewareTest.php
+++ b/tests/Middleware/AuthorizationServerMiddlewareTest.php
@@ -104,7 +104,7 @@ class AuthorizationServerMiddlewareTest extends TestCase
        $response = $exception->generateHttpResponse(new Response());

        $this->assertEquals(302, $response->getStatusCode());
-        $this->assertEquals('http://foo/bar?error=invalid_scope&message=The+requested+scope+is+invalid%2C+unknown%2C+or+malformed&hint=Check+the+%60test%60+scope',
+        $this->assertEquals('http://foo/bar?error=invalid_scope&error_description=The+requested+scope+is+invalid%2C+unknown%2C+or+malformed&hint=Check+the+%60test%60+scope&message=The+requested+scope+is+invalid%2C+unknown%2C+or+malformed',
            $response->getHeader('location')[0]);
    }

@@ -114,7 +114,7 @@ class AuthorizationServerMiddlewareTest extends TestCase
        $response = $exception->generateHttpResponse(new Response(), true);

        $this->assertEquals(302, $response->getStatusCode());
-        $this->assertEquals('http://foo/bar#error=invalid_scope&message=The+requested+scope+is+invalid%2C+unknown%2C+or+malformed&hint=Check+the+%60test%60+scope',
+        $this->assertEquals('http://foo/bar#error=invalid_scope&error_description=The+requested+scope+is+invalid%2C+unknown%2C+or+malformed&hint=Check+the+%60test%60+scope&message=The+requested+scope+is+invalid%2C+unknown%2C+or+malformed',
            $response->getHeader('location')[0]);
    }
 }
Author	SHA1	Message	Date
Andrew Millington	2eb1cf79e5	Update changelog for version 7.4.0	2019-05-05 10:22:01 +01:00
Andrew Millington	382b6f5fbf	Merge pull request #1000 from filecage/master Optional Refresh Tokens	2019-05-05 09:48:53 +01:00
sephster	86869eafbb	Add whitespace around control blocks	2019-05-05 09:03:13 +01:00
sephster	9236e842d9	Clarify changelog message	2019-05-05 08:58:34 +01:00
filecage	9bc7f6c8c5	removing simplified_null_return	2019-04-29 19:13:26 +02:00
David	1e9a468e66	Merge branch 'master' into master	2019-04-12 11:17:37 +02:00
Andrew Millington	c7f4998497	Update links	2019-03-29 18:19:35 +00:00
Andrew Millington	0a78236f17	Update changelog for version 7.3.3	2019-03-29 18:18:35 +00:00
Andrew Millington	a68f8001a4	Merge pull request #1006 from marc-mabe/fix-958-error_description spec compliant 'error_description' but keep 'message' for BC	2019-03-29 16:28:33 +00:00
Marc Bennewitz	b88198a9a4	spec compliant 'error_description' but keep 'message' for BC	2019-03-29 16:00:26 +01:00
filecage	8cf39fd9cd	applies style CI diff	2019-03-16 13:15:38 +01:00
filecage	6f6820f629	removes @var hints the @var hints make PHP stan fail together with PHPUnit 6.3	2019-03-16 13:12:34 +01:00
filecage	0742d5150c	explicit is better than implicit :)	2019-03-13 10:08:57 +01:00
filecage	64f0d89fad	`getNewRefreshToken()` can also return `NULL`	2019-03-11 23:28:47 +01:00
filecage	ebf78132d7	`refreshTokenRepository` parameter can not be null, condition is obsolete	2019-03-11 23:28:20 +01:00
filecage	aa5bbe5f06	boyscout: style CI tweaks	2019-03-11 23:26:35 +01:00
filecage	66d4ce6de8	Update CHANGELOG.md	2019-03-08 18:21:55 +01:00
filecage	2ea76ca4fd	Adds handling for `null` issued refresh token to Grant implementations	2019-03-08 18:19:16 +01:00
filecage	b2840474fd	AbstractGrant no longer tries to issue a refresh token if the Repository returned `null`	2019-03-08 18:16:16 +01:00
Andrew Millington	0227f14b7b	Merge pull request #988 from lordrhodos/feature/test-cleanup Cleanup: remove unused local variable $scopeEntity from ImplicitGrantTest	2019-01-22 20:59:33 +00:00
Patrick Rodacker	fad42a88fd	removes unused local variable $scopeEntity from ImplicitGrantTest	2019-01-20 22:11:22 +01:00
Andrew Millington	2a16dbeb7f	Merge pull request #981 from Sephster/support-php-7.3 Add support for PHP 7.3	2018-12-06 23:53:55 +00:00
sephster	faa350792a	Add support for PHP 7.3	2018-12-06 23:46:28 +00:00
Andrew Millington	dc3181bbb0	Merge pull request #977 from spideyfusion/symfony-community-integration Add Symfony community integration to README.md	2018-11-28 12:47:30 +00:00
Petar Obradović	1e3a7adb19	Add Symfony community integration to README.md	2018-11-28 12:24:16 +01:00