Fixed use of default scope so it is only for authorization requests

2025-05-31 14:12:07 +05:30 · 2017-11-06 22:33:28 +00:00
parent cc6eb63dd8
commit 0f08063864
12 changed files with 109 additions and 53 deletions
--- a/src/Grant/AuthCodeGrant.php
+++ b/src/Grant/AuthCodeGrant.php
@@ -242,13 +242,19 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
            }
        }

+        $redirectUri = is_array($client->getRedirectUri()) ? $client->getRedirectUri()[0] : $client->getRedirectUri();
+
        $scopes = $this->validateScopes(
            $this->getQueryStringParameter('scope', $request, $this->defaultScope),
-            is_array($client->getRedirectUri())
-                ? $client->getRedirectUri()[0]
-                : $client->getRedirectUri()
+            $redirectUri
        );

+        try {
+            $this->checkScopesRequested($scopes, $redirectUri);
+        } catch (OAuthServerException $ex) {
+            throw $ex;
+        }
+
        $stateParameter = $this->getQueryStringParameter('state', $request);

        $authorizationRequest = new AuthorizationRequest();