Fixed client_id and client_secret retrieval from request in conformity with the RFC

This commit is contained in:
Alex Bilbie 2013-03-22 10:40:47 +00:00
parent ecf2f2b9ea
commit 105a5b2a31

View File

@ -446,7 +446,13 @@ class AuthServer
public function getParam($param = '', $method = 'get', $inputParams = array(), $default = null) public function getParam($param = '', $method = 'get', $inputParams = array(), $default = null)
{ {
if (is_string($param)) { if (is_string($param)) {
return (isset($inputParams[$param])) ? $inputParams[$param] : $this->getRequest()->{$method}($param, $default); if(isset($inputParams[$param])) {
return $inputParams[$param];
} elseif($param == 'client_id' && !is_null($client_id = $this->getRequest()->server('PHP_AUTH_USER'))) {
return $client_id;
} elseif($param == 'client_secret' && !is_null($client_secret = $this->getRequest()->server('PHP_AUTH_PW'))) {
return $client_secret;
} else return $this->getRequest()->{$method}($param, $default);
} else { } else {
$response = array(); $response = array();
foreach ($param as $p) { foreach ($param as $p) {