ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2025-01-03 18:51:53 +05:30
Code Issues Packages Projects Releases Wiki Activity

Documented $mustValidateSecret parameter

Browse Source
This commit is contained in:
Alex Bilbie 2016-04-18 08:38:36 +01:00
parent fd6333297a
commit 59fc16d4c6
1 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
repository-interface-client.md
View File

@ -10,10 +10,8 @@ permalink: /client-repository-interface/
This method is called to validate a client's credentials. This method is called to validate a client's credentials.
The client secret may or may not be provided depending on the request sent by the client. If the client secret is sent it must be validated. The client secret may or may not be provided depending on the request sent by the client. The boolean `$mustValidateSecret` parameter will indicate whether or not the client secret must be validated. If the client is confidential (i.e. is capable of securely storing a secret) and `$mustValidateSecret === true` then the secret must be validated.
If the grant type is equal to `client_credentials` you should always validate the client secret.
You can use the grant type to determine if the client is permitted to use the grant type. You can use the grant type to determine if the client is permitted to use the grant type.
If the client's credentials are validated you should return an instance of `\League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface` If the client's credentials are validated you should return an instance of `\League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface`