fix: send refresh tokens to Device Code clients too (#41)

This commit is contained in:
Octol1ttle 2024-12-25 20:48:38 +05:00 committed by GitHub
parent e5b395d11b
commit 7b626507bc
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -3,9 +3,13 @@ declare(strict_types=1);
namespace common\components\OAuth2\Grants;
use common\components\OAuth2\Events\RequestedRefreshToken;
use common\components\OAuth2\Repositories\ExtendedDeviceCodeRepositoryInterface;
use common\components\OAuth2\Repositories\PublicScopeRepository;
use common\components\OAuth2\ResponseTypes\EmptyResponse;
use DateInterval;
use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
use League\OAuth2\Server\Entities\ClientEntityInterface;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Grant\DeviceCodeGrant as BaseDeviceCodeGrant;
use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
@ -85,4 +89,20 @@ final class DeviceCodeGrant extends BaseDeviceCodeGrant {
return new EmptyResponse();
}
protected function issueAccessToken(
DateInterval $accessTokenTTL,
ClientEntityInterface $client,
?string $userIdentifier,
array $scopes = [],
): AccessTokenEntityInterface {
foreach ($scopes as $i => $scope) {
if ($scope->getIdentifier() === PublicScopeRepository::OFFLINE_ACCESS) {
unset($scopes[$i]);
$this->getEmitter()->emit(new RequestedRefreshToken('refresh_token_requested'));
}
}
return parent::issueAccessToken($accessTokenTTL, $client, $userIdentifier, $scopes);
}
}