diff --git a/src/Grant/AbstractGrant.php b/src/Grant/AbstractGrant.php index 495a08f6..21909712 100644 --- a/src/Grant/AbstractGrant.php +++ b/src/Grant/AbstractGrant.php @@ -215,7 +215,7 @@ abstract class AbstractGrant implements GrantTypeInterface foreach ($scopesList as $scopeItem) { $scope = $this->scopeRepository->getScopeEntityByIdentifier($scopeItem); - if (($scope instanceof ScopeEntityInterface) === false) { + if (!$scope instanceof ScopeEntityInterface) { throw OAuthServerException::invalidScope($scopeItem, $redirectUri); } diff --git a/src/Grant/AuthCodeGrant.php b/src/Grant/AuthCodeGrant.php index 5540dd25..569d72f1 100644 --- a/src/Grant/AuthCodeGrant.php +++ b/src/Grant/AuthCodeGrant.php @@ -4,6 +4,7 @@ namespace League\OAuth2\Server\Grant; use DateInterval; use League\OAuth2\Server\Entities\ClientEntityInterface; +use League\OAuth2\Server\Entities\ScopeEntityInterface; use League\OAuth2\Server\Entities\UserEntityInterface; use League\OAuth2\Server\Exception\OAuthServerException; use League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface; @@ -90,7 +91,7 @@ class AuthCodeGrant extends AbstractAuthorizeGrant foreach ($authCodePayload->scopes as $scopeId) { $scope = $this->scopeRepository->getScopeEntityByIdentifier($scopeId); - if ($scope === false) { + if (!$scope instanceof ScopeEntityInterface) { // @codeCoverageIgnoreStart throw OAuthServerException::invalidScope($scopeId); // @codeCoverageIgnoreEnd diff --git a/src/Grant/RefreshTokenGrant.php b/src/Grant/RefreshTokenGrant.php index 0e27af45..0d65fae6 100644 --- a/src/Grant/RefreshTokenGrant.php +++ b/src/Grant/RefreshTokenGrant.php @@ -10,6 +10,7 @@ */ namespace League\OAuth2\Server\Grant; +use League\OAuth2\Server\Entities\ScopeEntityInterface; use League\OAuth2\Server\Exception\OAuthServerException; use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface; use League\OAuth2\Server\RequestEvent; @@ -49,7 +50,7 @@ class RefreshTokenGrant extends AbstractGrant $scopes = array_map(function ($scopeId) use ($client) { $scope = $this->scopeRepository->getScopeEntityByIdentifier($scopeId); - if (!$scope) { + if (!$scope instanceof ScopeEntityInterface) { // @codeCoverageIgnoreStart throw OAuthServerException::invalidScope($scopeId); // @codeCoverageIgnoreEnd