Reworked newAuthoriseRequest method so that it always creates a new session (and removes any existing sessions)

Alex Bilbie 2012-07-25 12:03:25 +01:00
parent 17ce8b97d8
commit 411cab1734


@ -201,43 +201,23 @@ maintenance of the server.'
*/
public function newAuthoriseRequest($type, $typeId, $authoriseParams)
{
// Check if the user already has an access token
$accessToken = $this->db->hasAccessToken($type, $typeId,
$authoriseParams['client_id']);
// Remove any old sessions the user might have
$this->db->deleteSession(
$authoriseParams['client_id'],
$type,
$typeId
);
if ($accessToken !== false) {
// Create the new auth code
$authCode = $this->newAuthCode(
$authoriseParams['client_id'],
'user',
$typeId,
$authoriseParams['redirect_uri'],
$authoriseParams['scopes']
);
// Validate the access token matches the scopes requested
$originalScopes = $this->db->accessTokenScopes($accessToken);
foreach ($authoriseParams['scopes'] as $scope) {
if ( ! in_array($scope, $originalScopes)) {
throw new OAuthServerClientException(
$this->errors['invalid_scope'], 4);
}
}
// The user has authorised the client so generate a new
// authorisation code and return it
$authCode = $this->newAuthCode($authoriseParams['client_id'],
'user', $typeId, $authoriseParams['redirect_uri'],
$authoriseParams['scopes'], $accessToken);
return $authCode;
} else {
$authCode = $this->newAuthCode($authoriseParams['client_id'],
'user', $typeId, $authoriseParams['redirect_uri'],
$authoriseParams['scopes']);
return $authCode;
}
return $authCode;
}
/**
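Review bot: The owner type passed to `newAuthCode()` is the literal `'user'`, while the `deleteSession()` call just before it uses `$type`, so for any caller whose `$type` is not `'user'` the session that is removed and the one that is created would belong to different owner types. Passing `$type,` in place of `'user',` would keep the two calls consistent, assuming `newAuthCode()` takes the owner type in that position (its signature is outside the hunk). Separately, the comparison of the requested scopes against the previous token's scopes appears to be gone, so `$authoriseParams['scopes']` now reaches `newAuthCode()` with no check inside this method; if the caller is what validates scopes against the client, the docblock should say so, for example `Caller must have validated client_id, redirect_uri and scopes.` The old session is also deleted before the new code exists, so a failure in `newAuthCode()` would leave the user with no session at all; creating the code first, or wrapping both calls in one transaction if the storage layer supports it, avoids that.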