ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2025-05-31 14:12:07 +05:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #444 from juliangut/secure_body_params_access

Browse Source 
V5 - Secure access to body params
This commit is contained in:
Alex Bilbie
2016-03-10 17:47:20 +00:00
parent 0ae8863322 1bdeb71efb
commit 2b2d4a3df7
2 changed files with 37 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
src/Grant/AuthCodeGrant.php
View File

@@ -289,29 +289,6 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
return $responseType;
}
/**
* {@inheritdoc}
*/
public function canRespondToRequest(ServerRequestInterface $request)
{
return
(
isset($request->getQueryParams()['response_type'])
&& $request->getQueryParams()['response_type'] === 'code'
&& isset($request->getQueryParams()['client_id'])
) || (parent::canRespondToRequest($request));
}
/**
* Return the grant identifier that can be used in matching up requests.
*
* @return string
*/
public function getIdentifier()
{
return 'authorization_code';
}
/**
* {@inheritdoc}
*/
@@ -329,4 +306,28 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
return $this->respondToAccessTokenRequest($request, $responseType, $accessTokenTTL);
}
/**
* {@inheritdoc}
*/
public function canRespondToRequest(ServerRequestInterface $request)
{
return
(
array_key_exists('response_type', $request->getQueryParams())
&& $request->getQueryParams()['response_type'] === 'code'
&& isset($request->getQueryParams()['client_id'])
)
|| parent::canRespondToRequest($request);
}
/**
* Return the grant identifier that can be used in matching up requests.
*
* @return string
*/
public function getIdentifier()
{
return 'authorization_code';
}
}