ElyBy-Mirror/accounts
1
0
Fork 0
mirror of https://github.com/elyby/accounts.git synced 2024-10-12 10:04:32 +05:30
Code Issues Packages Projects Releases Wiki Activity

Disallow to perform oauth2 authentication for applications that have no corresponding type

Browse Source
This commit is contained in:
ErickSkrauch 2019-12-11 14:41:37 +03:00
parent 9da58beccf
commit f06354638e
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
api/components/OAuth2/Repositories/ClientRepository.php
View File

@ -37,7 +37,12 @@ class ClientRepository implements ClientRepositoryInterface {
}
private function findModel(string $id): ?OauthClient {
return OauthClient::findOne(['id' => $id]);
$client = OauthClient::findOne(['id' => $id]);
if ($client === null || $client->type !== OauthClient::TYPE_APPLICATION) {
return null;
}
return $client;
}
}