Skip SHA256 verifier if system doesn't support sha256

This commit is contained in:
Ian Littman 2019-05-11 13:44:58 -05:00
parent d7defafd83
commit 4ecd3131c1
No known key found for this signature in database
GPG Key ID: 55488EB78A0AFBE3

View File

@ -58,14 +58,13 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
$this->authCodeTTL = $authCodeTTL;
$this->refreshTokenTTL = new DateInterval('P1M');
// SHOULD ONLY DO THIS IS SHA256 is supported
if (in_array('sha256', hash_algos(), true)) {
$s256Verifier = new S256Verifier();
$plainVerifier = new PlainVerifier();
$this->codeChallengeVerifiers[$s256Verifier->getMethod()] = $s256Verifier;
}
$this->codeChallengeVerifiers = [
$s256Verifier->getMethod() => $s256Verifier,
$plainVerifier->getMethod() => $plainVerifier,
];
$plainVerifier = new PlainVerifier();
$this->codeChallengeVerifiers[$plainVerifier->getMethod()] = $plainVerifier;
}
/**