From 35c6f28aefcd3dddf780c6b781057516cd1f101d Mon Sep 17 00:00:00 2001 From: Andrew Millington Date: Thu, 3 May 2018 17:06:27 +0100 Subject: [PATCH 1/8] Add drupal integration to the readme --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 61d149a0..30db07a6 100644 --- a/README.md +++ b/README.md @@ -63,6 +63,7 @@ We use [Travis CI](https://travis-ci.org/), [Scrutinizer](https://scrutinizer-ci ## Community Integrations +* [Drupal](https://www.drupal.org/project/simple_oauth) * [Laravel Passport](https://github.com/laravel/passport) * [OAuth 2 Server for CakePHP 3](https://github.com/uafrica/oauth-server) From 28276cb6884868de518e7c12feae7f0e28b57e6d Mon Sep 17 00:00:00 2001 From: Andrew Millington Date: Wed, 16 May 2018 13:36:29 +0100 Subject: [PATCH 2/8] Add PSR-7 to the requirements in the readme This fixes issue #640 --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 30db07a6..e4d90f46 100644 --- a/README.md +++ b/README.md @@ -37,6 +37,8 @@ The following versions of PHP are supported: The `openssl` extension is also required. +All HTTP messages passed to the server should be [PSR-7 compliant](https://www.php-fig.org/psr/psr-7/). This ensures interoperability between other packages and frameworks. + ## Installation ``` From a3d4f583eda467012ac928056d2a84d05bbe520d Mon Sep 17 00:00:00 2001 From: Andrew Millington Date: Thu, 17 May 2018 13:06:03 +0100 Subject: [PATCH 3/8] Fix #745 --- src/Exception/OAuthServerException.php | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/src/Exception/OAuthServerException.php b/src/Exception/OAuthServerException.php index 65fe861e..24179ce5 100644 --- a/src/Exception/OAuthServerException.php +++ b/src/Exception/OAuthServerException.php 
@@ -294,14 +294,8 @@ class OAuthServerException extends \Exception // include the "WWW-Authenticate" response header field // matching the authentication scheme used by the client. // @codeCoverageIgnoreStart - if ($this->errorType === 'invalid_client') { - $authScheme = 'Basic'; - if (array_key_exists('HTTP_AUTHORIZATION', $_SERVER) !== false - && strpos($_SERVER['HTTP_AUTHORIZATION'], 'Bearer') === 0 - ) { - $authScheme = 'Bearer'; - } - $headers['WWW-Authenticate'] = $authScheme . ' realm="OAuth"'; + if ($this->errorType === 'invalid_client' && array_key_exists('HTTP_AUTHORIZATION', $_SERVER) !== false) { + $headers['WWW-Authenticate'] = $authScheme . ' realm="OAuth"'; } // @codeCoverageIgnoreEnd return $headers; From 8a25e0a01b1367c748d024019ddd34d48861171e Mon Sep 17 00:00:00 2001 From: Andrew Millington Date: Thu, 17 May 2018 13:12:32 +0100 Subject: [PATCH 4/8] Update changelog --- CHANGELOG.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index bece8e44..dcac3bfd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,9 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. ## [Unreleased] +### Fixed +- No longer set a WWW-Authenticate header for invalid clients if the client did not send an Authorization header in the original request + ## [7.1.0] - released 2018-04-22 ### Changed From 19d782d223710e604e3650666412b8b8be2cc2ba Mon Sep 17 00:00:00 2001 From: Andrew Millington Date: Thu, 17 May 2018 13:13:30 +0100 Subject: [PATCH 5/8] Fix alignment --- src/Exception/OAuthServerException.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Exception/OAuthServerException.php b/src/Exception/OAuthServerException.php index 24179ce5..9b798f76 100644 --- a/src/Exception/OAuthServerException.php +++ b/src/Exception/OAuthServerException.php 
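Review bot: The new condition in the `Fix #745` hunk decides whether to send `WWW-Authenticate` from `array_key_exists('HTTP_AUTHORIZATION', $_SERVER)`, which is not a reliable record of whether the client sent an Authorization header: some server setups (Apache with CGI/FastCGI is the usual example) do not populate `HTTP_AUTHORIZATION` unless configured to forward it, and the check bypasses the PSR-7 request that the README change in this series asks callers to use. In such a deployment, a client that did authenticate via the header would receive the `invalid_client` response without the challenge the comment above the condition says must be included. If the request object cannot be reached from this method, at least document the dependency, e.g. `// Relies on $_SERVER['HTTP_AUTHORIZATION']; the web server must forward the Authorization header or no challenge is sent.` Separately, as far as the hunk shows, `$authScheme` is read after its assignments were removed and is only set again in PATCH 6/8, so this commit alone would emit ` realm="OAuth"` with no scheme; folding that patch in keeps the history bisectable. The enclosing method begins and ends outside the hunk, and the block sits between `@codeCoverageIgnoreStart` and `@codeCoverageIgnoreEnd`, so the branch is excluded from coverage reporting.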
@@ -295,7 +295,7 @@ class OAuthServerException extends \Exception
 // matching the authentication scheme used by the client.
 // @codeCoverageIgnoreStart
 if ($this->errorType === 'invalid_client' && array_key_exists('HTTP_AUTHORIZATION', $_SERVER) !== false) {
- $headers['WWW-Authenticate'] = $authScheme . ' realm="OAuth"';
+ $headers['WWW-Authenticate'] = $authScheme . ' realm="OAuth"';
 }
 // @codeCoverageIgnoreEnd
 return $headers;
From 3ea0cdc9365d427fe863c94939a2dba952c9f158 Mon Sep 17 00:00:00 2001
From: Andrew Millington
Date: Thu, 17 May 2018 13:19:32 +0100
Subject: [PATCH 6/8] Set authScheme
---
 src/Exception/OAuthServerException.php | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/src/Exception/OAuthServerException.php b/src/Exception/OAuthServerException.php
index 9b798f76..fe615262 100644
--- a/src/Exception/OAuthServerException.php
+++ b/src/Exception/OAuthServerException.php
@@ -295,6 +295,8 @@ class OAuthServerException extends \Exception
 // matching the authentication scheme used by the client.
 // @codeCoverageIgnoreStart
 if ($this->errorType === 'invalid_client' && array_key_exists('HTTP_AUTHORIZATION', $_SERVER) !== false) {
+ $authScheme = strpos($_SERVER['HTTP_AUTHORIZATION'], 'Bearer') === 0 ? 'Bearer' : 'Basic';
+
 $headers['WWW-Authenticate'] = $authScheme . ' realm="OAuth"';
 }
 // @codeCoverageIgnoreEnd
From 0242d0c9968e55cb8737470f55882a13f7f8c895 Mon Sep 17 00:00:00 2001
From: Andrew Millington
Date: Thu, 17 May 2018 13:21:39 +0100
Subject: [PATCH 7/8] Remove spaces at end of line
---
 src/Exception/OAuthServerException.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Exception/OAuthServerException.php b/src/Exception/OAuthServerException.php
index fe615262..14297e75 100644
--- a/src/Exception/OAuthServerException.php
+++ b/src/Exception/OAuthServerException.php
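Review bot: The scheme detection added in the `Set authScheme` hunk (PATCH 6/8), `strpos($_SERVER['HTTP_AUTHORIZATION'], 'Bearer') === 0 ? 'Bearer' : 'Basic'`, is case-sensitive and answers every non-matching value with a `Basic` challenge. HTTP authentication scheme names are case-insensitive, so a client that sent `bearer …` would be challenged with `Basic`, as would a client using any other scheme or sending a malformed header, which no longer matches "the authentication scheme used by the client" from the comment above. Consider `$authScheme = stripos($_SERVER['HTTP_AUTHORIZATION'], 'Bearer ') === 0 ? 'Bearer' : 'Basic';` together with a short comment stating that `Basic` is the deliberate fallback for anything else. The same expression is carried unchanged through the whitespace-only PATCH 7/8 and 8/8 hunks, and the enclosing method starts and ends outside the hunk.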
@@ -295,7 +295,7 @@ class OAuthServerException extends \Exception // matching the authentication scheme used by the client. // @codeCoverageIgnoreStart if ($this->errorType === 'invalid_client' && array_key_exists('HTTP_AUTHORIZATION', $_SERVER) !== false) { - $authScheme = strpos($_SERVER['HTTP_AUTHORIZATION'], 'Bearer') === 0 ? 'Bearer' : 'Basic'; + $authScheme = strpos($_SERVER['HTTP_AUTHORIZATION'], 'Bearer') === 0 ? 'Bearer' : 'Basic'; $headers['WWW-Authenticate'] = $authScheme . ' realm="OAuth"'; } From 2e3ee60a2ac5ba0a7eb5673884f1e156438ce6a1 Mon Sep 17 00:00:00 2001 From: Andrew Millington Date: Thu, 17 May 2018 13:27:30 +0100 Subject: [PATCH 8/8] Remove additional whitespace --- src/Exception/OAuthServerException.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Exception/OAuthServerException.php b/src/Exception/OAuthServerException.php index 14297e75..a62d961d 100644 --- a/src/Exception/OAuthServerException.php +++ b/src/Exception/OAuthServerException.php @@ -295,7 +295,7 @@ class OAuthServerException extends \Exception // matching the authentication scheme used by the client. // @codeCoverageIgnoreStart if ($this->errorType === 'invalid_client' && array_key_exists('HTTP_AUTHORIZATION', $_SERVER) !== false) { - $authScheme = strpos($_SERVER['HTTP_AUTHORIZATION'], 'Bearer') === 0 ? 'Bearer' : 'Basic'; + $authScheme = strpos($_SERVER['HTTP_AUTHORIZATION'], 'Bearer') === 0 ? 'Bearer' : 'Basic'; $headers['WWW-Authenticate'] = $authScheme . ' realm="OAuth"'; }