From 8fc0023564e5c1bc8465634e92b7310a237024e3 Mon Sep 17 00:00:00 2001
From: ErickSkrauch <erickskrauch@yandex.ru>
Date: Sun, 11 Jun 2017 22:10:46 +0300
Subject: [PATCH 1/5] 1.1.15 [skip ci]

---
 common/config/config.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/common/config/config.php b/common/config/config.php
index 236d9a9..d8f641e 100644
--- a/common/config/config.php
+++ b/common/config/config.php
@@ -1,6 +1,6 @@
 <?php
 return [
-    'version' => '1.1.14',
+    'version' => '1.1.15-dev',
     'vendorPath' => dirname(dirname(__DIR__)) . '/vendor',
     'components' => [
         'cache' => [

From 8f8f2ee7bec60a538e046fd357cce3aa2ac978cc Mon Sep 17 00:00:00 2001
From: SleepWalker <mybox@udf.su>
Date: Mon, 12 Jun 2017 22:11:23 +0300
Subject: [PATCH 2/5] #337: add flow js in CI build

---
 .gitlab-ci.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index d9cab9c..963aa13 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -49,6 +49,7 @@ test:frontend:
         - cd frontend
         - npm i --silent > /dev/null
         - npm run lint --silent
+        - npm run flow --silent
         - npm run test --silent
 
 build:production:

From 8adc96a3a8496190cea4a69fba261714f6997eac Mon Sep 17 00:00:00 2001
From: SleepWalker <mybox@udf.su>
Date: Tue, 13 Jun 2017 07:56:37 +0300
Subject: [PATCH 3/5] #337: disable flow during build due to missing
 libelf.so.1 in docker image

---
 .gitlab-ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 963aa13..04f976d 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -49,7 +49,7 @@ test:frontend:
         - cd frontend
         - npm i --silent > /dev/null
         - npm run lint --silent
-        - npm run flow --silent
+        # - npm run flow --silent # disabled due to missing libelf.so.1 in docker container
         - npm run test --silent
 
 build:production:

From 411ffe0606812b49b8a8c10fca540c41c3b3627e Mon Sep 17 00:00:00 2001
From: ErickSkrauch <erickskrauch@yandex.ru>
Date: Thu, 13 Jul 2017 13:44:06 +0300
Subject: [PATCH 4/5] =?UTF-8?q?=D0=9F=D0=B5=D1=80=D0=B5=D0=B2=D0=BE=D0=B4?=
 =?UTF-8?q?=D0=B8=D0=BC=20=D0=BF=D1=80=D0=BE=D0=B1=D0=B5=D0=BB=D1=8B=20(?=
 =?UTF-8?q?=D0=BF=D0=BE=20=D1=81=D1=82=D0=B0=D0=BD=D0=B4=D0=B0=D1=80=D1=82?=
 =?UTF-8?q?=D1=83=20OAuth2)=20=D0=B2=20=D0=BD=D0=B0=D1=88=20scopes=20delim?=
 =?UTF-8?q?iter.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 api/components/OAuth2/Grants/AuthCodeGrant.php   | 16 ++++++++++++++++
 .../OAuth2/Grants/ClientCredentialsGrant.php     | 16 ++++++++++++++++
 .../OAuth2/Grants/RefreshTokenGrant.php          | 16 ++++++++++++++++
 3 files changed, 48 insertions(+)

diff --git a/api/components/OAuth2/Grants/AuthCodeGrant.php b/api/components/OAuth2/Grants/AuthCodeGrant.php
index cfadbe0..134421a 100644
--- a/api/components/OAuth2/Grants/AuthCodeGrant.php
+++ b/api/components/OAuth2/Grants/AuthCodeGrant.php
@@ -2,6 +2,7 @@
 namespace api\components\OAuth2\Grants;
 
 use api\components\OAuth2\Entities;
+use League\OAuth2\Server\Entity\ClientEntity;
 
 class AuthCodeGrant extends \League\OAuth2\Server\Grant\AuthCodeGrant {
 
@@ -17,4 +18,19 @@ class AuthCodeGrant extends \League\OAuth2\Server\Grant\AuthCodeGrant {
         return new Entities\SessionEntity($this->server);
     }
 
+    /**
+     * По стандарту OAuth2 scopes должны разделяться пробелом, а не запятой. Косяк.
+     * Так что оборачиваем функцию разбора скоупов, заменяя пробелы на запятые.
+     *
+     * @param string       $scopeParam
+     * @param ClientEntity $client
+     * @param string $redirectUri
+     *
+     * @return \League\OAuth2\Server\Entity\ScopeEntity[]
+     */
+    public function validateScopes($scopeParam = '', ClientEntity $client, $redirectUri = null) {
+        $scopes = str_replace(' ', $this->server->getScopeDelimiter(), $scopeParam);
+        return parent::validateScopes($scopes, $client, $redirectUri);
+    }
+
 }
diff --git a/api/components/OAuth2/Grants/ClientCredentialsGrant.php b/api/components/OAuth2/Grants/ClientCredentialsGrant.php
index 4e7b467..ef80342 100644
--- a/api/components/OAuth2/Grants/ClientCredentialsGrant.php
+++ b/api/components/OAuth2/Grants/ClientCredentialsGrant.php
@@ -2,6 +2,7 @@
 namespace api\components\OAuth2\Grants;
 
 use api\components\OAuth2\Entities;
+use League\OAuth2\Server\Entity\ClientEntity;
 
 class ClientCredentialsGrant extends \League\OAuth2\Server\Grant\ClientCredentialsGrant {
 
@@ -17,4 +18,19 @@ class ClientCredentialsGrant extends \League\OAuth2\Server\Grant\ClientCredentia
         return new Entities\SessionEntity($this->server);
     }
 
+    /**
+     * По стандарту OAuth2 scopes должны разделяться пробелом, а не запятой. Косяк.
+     * Так что оборачиваем функцию разбора скоупов, заменяя пробелы на запятые.
+     *
+     * @param string       $scopeParam
+     * @param ClientEntity $client
+     * @param string $redirectUri
+     *
+     * @return \League\OAuth2\Server\Entity\ScopeEntity[]
+     */
+    public function validateScopes($scopeParam = '', ClientEntity $client, $redirectUri = null) {
+        $scopes = str_replace(' ', $this->server->getScopeDelimiter(), $scopeParam);
+        return parent::validateScopes($scopes, $client, $redirectUri);
+    }
+
 }
diff --git a/api/components/OAuth2/Grants/RefreshTokenGrant.php b/api/components/OAuth2/Grants/RefreshTokenGrant.php
index d98b3d6..d6e0161 100644
--- a/api/components/OAuth2/Grants/RefreshTokenGrant.php
+++ b/api/components/OAuth2/Grants/RefreshTokenGrant.php
@@ -4,6 +4,7 @@ namespace api\components\OAuth2\Grants;
 use api\components\OAuth2\Entities;
 use ErrorException;
 use League\OAuth2\Server\Entity\ClientEntity as OriginalClientEntity;
+use League\OAuth2\Server\Entity\ClientEntity;
 use League\OAuth2\Server\Entity\RefreshTokenEntity as OriginalRefreshTokenEntity;
 use League\OAuth2\Server\Event;
 use League\OAuth2\Server\Exception;
@@ -25,6 +26,21 @@ class RefreshTokenGrant extends \League\OAuth2\Server\Grant\RefreshTokenGrant {
         return new Entities\SessionEntity($this->server);
     }
 
+    /**
+     * По стандарту OAuth2 scopes должны разделяться пробелом, а не запятой. Косяк.
+     * Так что оборачиваем функцию разбора скоупов, заменяя пробелы на запятые.
+     *
+     * @param string       $scopeParam
+     * @param ClientEntity $client
+     * @param string $redirectUri
+     *
+     * @return \League\OAuth2\Server\Entity\ScopeEntity[]
+     */
+    public function validateScopes($scopeParam = '', ClientEntity $client, $redirectUri = null) {
+        $scopes = str_replace(' ', $this->server->getScopeDelimiter(), $scopeParam);
+        return parent::validateScopes($scopes, $client, $redirectUri);
+    }
+
     /**
      * Метод таки пришлось переписать по той причине, что нынче мы храним access_token в redis с expire значением,
      * так что он может банально несуществовать на тот момент, когда к нему через refresh_token попытаются обратиться.

From 69bb3a7303f4607ab5bbc8bd26a671ee5c52bfc5 Mon Sep 17 00:00:00 2001
From: ErickSkrauch <erickskrauch@yandex.ru>
Date: Thu, 13 Jul 2017 14:02:05 +0300
Subject: [PATCH 5/5] 1.1.15 [skip-ci]

---
 common/config/config.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/common/config/config.php b/common/config/config.php
index d8f641e..7a7bd0d 100644
--- a/common/config/config.php
+++ b/common/config/config.php
@@ -1,6 +1,6 @@
 <?php
 return [
-    'version' => '1.1.15-dev',
+    'version' => '1.1.15',
     'vendorPath' => dirname(dirname(__DIR__)) . '/vendor',
     'components' => [
         'cache' => [