From b88198a9a4d0f58eaf62918564973d75f8ddb2d2 Mon Sep 17 00:00:00 2001
From: Marc Bennewitz
Date: Fri, 29 Mar 2019 16:00:26 +0100
Subject: [PATCH 1/3] spec compliant 'error_description' but keep 'message' for BC
---
 src/Exception/OAuthServerException.php | 14 +++++++++++---
 .../AuthorizationServerMiddlewareTest.php | 4 ++--
 2 files changed, 13 insertions(+), 5 deletions(-)
diff --git a/src/Exception/OAuthServerException.php b/src/Exception/OAuthServerException.php
index 28cc20be..bb448767 100644
--- a/src/Exception/OAuthServerException.php
+++ b/src/Exception/OAuthServerException.php
@@ -59,8 +59,8 @@ class OAuthServerException extends Exception
 $this->hint = $hint;
 $this->redirectUri = $redirectUri;
 $this->payload = [
- 'error' => $errorType,
- 'message' => $message,
+ 'error' => $errorType,
+ 'error_description' => $message,
 ];
 if ($hint !== null) {
 $this->payload['hint'] = $hint;
@@ -74,7 +74,15 @@ class OAuthServerException extends Exception
 */
 public function getPayload()
 {
- return $this->payload;
+ $payload = $this->payload;
+
+ // The "message" property is deprecated and replaced by "error_description"
+ // TODO: remove "message" property
+ if (isset($payload['error_description']) && !isset($payload['message'])) {
+ $payload['message'] = $payload['error_description'];
+ }
+
+ return $payload;
 }
 /**
diff --git a/tests/Middleware/AuthorizationServerMiddlewareTest.php b/tests/Middleware/AuthorizationServerMiddlewareTest.php
index 99118736..fb11c483 100644
--- a/tests/Middleware/AuthorizationServerMiddlewareTest.php
+++ b/tests/Middleware/AuthorizationServerMiddlewareTest.php
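Review bot: `$message` is copied into `error_description` unchecked in the `$this->payload = [...]` array, but RFC 6749 (sections 4.1.2.1 and 5.2) limits that value to the characters %x20-21 / %x23-5B / %x5D-7E. A message containing a double quote, a backslash or non-ASCII text would therefore leave the response non-compliant in a different way than before. I would add a comment above the key, `// RFC 6749 §5.2: error_description must be printable ASCII, excluding '"' and '\'`, and note in the same place that `hint` is a non-standard extension. The enclosing method (presumably the constructor) starts and ends outside the hunk.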
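Review bot: The compatibility copy in `getPayload()` makes every consumer emit the description text twice, and the updated tests in this patch show that this includes the redirect `Location` URI, where the text ends up in browser history, Referer headers and the client's access logs. The docblock above the method (only its closing `*/` is inside the hunk) should say that `message` is a deprecated alias added at read time and that payload values are reflected into redirect URIs, so messages and hints must not carry internal detail. The TODO also names no target, although the changelog in patch 2/3 does: `// TODO: remove "message" in the next major release (deprecated since 7.3.3)`. Note that `!isset($payload['message'])` treats an explicit `null` as absent and overwrites it, which may or may not be intended if the payload can be changed elsewhere in the class.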
@@ -104,7 +104,7 @@ class AuthorizationServerMiddlewareTest extends TestCase
 $response = $exception->generateHttpResponse(new Response());
 $this->assertEquals(302, $response->getStatusCode());
- $this->assertEquals('http://foo/bar?error=invalid_scope&message=The+requested+scope+is+invalid%2C+unknown%2C+or+malformed&hint=Check+the+%60test%60+scope',
+ $this->assertEquals('http://foo/bar?error=invalid_scope&error_description=The+requested+scope+is+invalid%2C+unknown%2C+or+malformed&hint=Check+the+%60test%60+scope&message=The+requested+scope+is+invalid%2C+unknown%2C+or+malformed',
 $response->getHeader('location')[0]);
 }
@@ -114,7 +114,7 @@ class AuthorizationServerMiddlewareTest extends TestCase
 $response = $exception->generateHttpResponse(new Response(), true);
 $this->assertEquals(302, $response->getStatusCode());
- $this->assertEquals('http://foo/bar#error=invalid_scope&message=The+requested+scope+is+invalid%2C+unknown%2C+or+malformed&hint=Check+the+%60test%60+scope',
+ $this->assertEquals('http://foo/bar#error=invalid_scope&error_description=The+requested+scope+is+invalid%2C+unknown%2C+or+malformed&hint=Check+the+%60test%60+scope&message=The+requested+scope+is+invalid%2C+unknown%2C+or+malformed',
 $response->getHeader('location')[0]);
 }
 }
From 0a78236f171dc87e2f21b219b0a753b4887549ff Mon Sep 17 00:00:00 2001
From: Andrew Millington
Date: Fri, 29 Mar 2019 18:18:35 +0000
Subject: [PATCH 2/3] Update changelog for version 7.3.3
---
 CHANGELOG.md | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2b75288d..fac066b5 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
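Review bot: Both updated assertions (this hunk and the `@@ -114,7` hunk) compare the whole `Location` string, so they pin the parameter order, with `message` appended after `hint`. That order is a side effect of the BC copy in `getPayload()`, not something a client depends on. Asserting on the decoded parameters would state the intent and survive the later removal of `message`: `parse_str(parse_url($location, PHP_URL_QUERY), $params);` followed by `$this->assertSame($params['error_description'], $params['message']);`, with `PHP_URL_FRAGMENT` for the fragment case. Both test methods start outside their hunks.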
@@ -6,6 +6,13 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ## [Unreleased]
+## [7.3.3] - released 2019-03-29
+### Added
+- Added `error_description` to the error payload to improve standards compliance. The contents of this are copied from the existing `message` value. (PR #1006)
+
+### Deprecated
+- Error payload will not issue `message` value in the next major release (PR #1006)
+
 ## [7.3.2] - released 2018-11-21
 ### Fixed
From c7f499849704ebe2c60b45b6d6bb231df5601d4a Mon Sep 17 00:00:00 2001
From: Andrew Millington
Date: Fri, 29 Mar 2019 18:19:35 +0000
Subject: [PATCH 3/3] Update links
---
 CHANGELOG.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index fac066b5..cefe5953 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -439,7 +439,8 @@ Version 5 is a complete code rewrite.
 - First major release
-[Unreleased]: https://github.com/thephpleague/oauth2-server/compare/7.3.2...HEAD
+[Unreleased]: https://github.com/thephpleague/oauth2-server/compare/7.3.3...HEAD
+[7.3.3]: https://github.com/thephpleague/oauth2-server/compare/7.3.2...7.3.3
 [7.3.2]: https://github.com/thephpleague/oauth2-server/compare/7.3.1...7.3.2
 [7.3.1]: https://github.com/thephpleague/oauth2-server/compare/7.3.0...7.3.1
 [7.3.0]: https://github.com/thephpleague/oauth2-server/compare/7.2.0...7.3.0