From 322b55eddf730fe81fbfd7bd2840fff7550a3d01 Mon Sep 17 00:00:00 2001
From: sephster
Date: Sat, 13 Oct 2018 16:11:44 +0100
Subject: [PATCH] Remove getScopes function and use validateScopes instead
---
 src/Grant/AbstractGrant.php | 22 ++++++++++++++++++----
 src/Grant/AuthCodeGrant.php | 28 +---------------------------
 2 files changed, 19 insertions(+), 31 deletions(-)
diff --git a/src/Grant/AbstractGrant.php b/src/Grant/AbstractGrant.php
index 99f1626a..b6b14cf0 100644
--- a/src/Grant/AbstractGrant.php
+++ b/src/Grant/AbstractGrant.php
@@ -242,13 +242,13 @@ abstract class AbstractGrant implements GrantTypeInterface
 */
 public function validateScopes($scopes, $redirectUri = null)
 {
- $scopesList = array_filter(explode(self::SCOPE_DELIMITER_STRING, trim($scopes)), function ($scope) {
- return !empty($scope);
- });
+ if (!is_array($scopes)) {
+ $scopes = $this->convertScopesQueryStringToArray($scopes);
+ }
 $validScopes = [];
- foreach ($scopesList as $scopeItem) {
+ foreach ($scopes as $scopeItem) {
 $scope = $this->scopeRepository->getScopeEntityByIdentifier($scopeItem);
 if ($scope instanceof ScopeEntityInterface === false) {
@@ -261,6 +261,20 @@ abstract class AbstractGrant implements GrantTypeInterface
 return $validScopes;
 }
+ /**
+ * Converts a scopes query string to an array to easily iterate for validation.
+ *
+ * @param string $scopes
+ *
+ * @return array
+ */
+ private function convertScopesQueryStringToArray($scopes)
+ {
+ return array_filter(explode(self::SCOPE_DELIMITER_STRING, trim($scopes)), function ($scope) {
+ return !empty($scope);
+ });
+ }
+
 /**
 * Retrieve request parameter.
 *
diff --git a/src/Grant/AuthCodeGrant.php b/src/Grant/AuthCodeGrant.php
index 441dfe48..16f56481 100644
--- a/src/Grant/AuthCodeGrant.php
+++ b/src/Grant/AuthCodeGrant.php
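Review bot: In `AbstractGrant::validateScopes` the new array branch skips the empty-entry filtering that the string branch still gets from `convertScopesQueryStringToArray`, so an array holding `''` or a non-string element is passed straight to `getScopeEntityByIdentifier()`. Both input shapes should go through the same normalisation before the lookup loop, or the array contract should be stated explicitly. The docblock sits above the hunk; if it still reads `@param string $scopes` it should become `@param string|string[] $scopes`. The function body continues past the end of the hunk.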
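Review bot: The filter in the new `convertScopesQueryStringToArray` helper uses `!empty($scope)`, which also discards the literal token `0`, so a requested scope named `0` is dropped silently instead of being validated or rejected. Comparing with `$scope !== ''` keeps every non-empty token. `trim($scopes)` also assumes a string, and `validateScopes` now routes every non-array value here, so an `is_string` guard or an explicit `(string)` cast would make that assumption visible.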
@@ -86,7 +86,7 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
 $this->validateAuthorizationCode($authCodePayload, $client, $request);
 $scopes = $this->scopeRepository->finalizeScopes(
- $this->getScopes($authCodePayload),
+ $this->validateScopes($authCodePayload->scopes),
 $this->getIdentifier(),
 $client,
 $authCodePayload->user_id
@@ -194,32 +194,6 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
 }
 }
- /**
- * Get scopes from the auth code payload.
- *
- * @param \stdClass $authCodePayload
- *
- * @return array
- */
- private function getScopes($authCodePayload)
- {
- $scopes = [];
-
- foreach ($authCodePayload->scopes as $scopeId) {
- $scope = $this->scopeRepository->getScopeEntityByIdentifier($scopeId);
-
- if ($scope instanceof ScopeEntityInterface === false) {
- // @codeCoverageIgnoreStart
- throw OAuthServerException::invalidScope($scopeId);
- // @codeCoverageIgnoreEnd
- }
-
- $scopes[] = $scope;
- }
-
- return $scopes;
- }
-
 /**
 * Return the grant identifier that can be used in matching up requests.
 *
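Review bot: The invalid-scope rejection at code exchange now runs through `validateScopes($authCodePayload->scopes)`, but it was previously excluded from coverage by the `@codeCoverageIgnore` markers in the removed `getScopes`, and the diffstat lists only the two source files, so this path appears to have no test. A test where a scope stored in the auth code payload is no longer returned by the scope repository, asserting the `invalidScope` exception, would pin this authorization check. Note also that a non-array `scopes` value in the payload is now parsed as a delimited string rather than iterated, so checking `is_array($authCodePayload->scopes)` before the call would keep the payload contract strict. The enclosing method starts and ends outside the hunk.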