Throw correct exception when access token is invalid
parent
6a0596f40b
commit
61f039366b
@ -17,6 +17,7 @@ use League\OAuth2\Server\Storage\SessionInterface;
|
|||||||
use League\OAuth2\Server\Storage\ScopeInterface;
|
use League\OAuth2\Server\Storage\ScopeInterface;
|
||||||
use League\OAuth2\Server\Entity\AccessTokenEntity;
|
use League\OAuth2\Server\Entity\AccessTokenEntity;
|
||||||
use League\OAuth2\Server\TokenType\Bearer;
|
use League\OAuth2\Server\TokenType\Bearer;
|
||||||
|
use League\OAuth2\Server\Exception;
|
||||||
use Symfony\Component\HttpFoundation\Request;
|
use Symfony\Component\HttpFoundation\Request;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -184,7 +185,11 @@ class ResourceServer extends AbstractServer
|
|||||||
// Set the access token
|
// Set the access token
|
||||||
$this->accessToken = $this->storages['access_token']->get($accessTokenString);
|
$this->accessToken = $this->storages['access_token']->get($accessTokenString);
|
||||||
|
|
||||||
return ($this->accessToken instanceof AccessTokenEntity);
|
if (!$this->accessToken instanceof AccessTokenEntity) {
|
||||||
|
throw new Exception\AccessDeniedException;
|
||||||
|
}
|
||||||
|
|
||||||
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -198,9 +203,9 @@ class ResourceServer extends AbstractServer
|
|||||||
if ($this->getRequest()->headers->get('Authorization') !== null) {
|
if ($this->getRequest()->headers->get('Authorization') !== null) {
|
||||||
$accessToken = $this->getTokenType()->determineAccessTokenInHeader($this->getRequest());
|
$accessToken = $this->getTokenType()->determineAccessTokenInHeader($this->getRequest());
|
||||||
} elseif ($headersOnly === false) {
|
} elseif ($headersOnly === false) {
|
||||||
$accessToken = ($this->getRequest()->server->get('REQUEST_METHOD') === 'GET') ?
|
$accessToken = ($this->getRequest()->server->get('REQUEST_METHOD') === 'GET')
|
||||||
$this->getRequest()->query->get($this->tokenKey) :
|
? $this->getRequest()->query->get($this->tokenKey)
|
||||||
$this->getRequest()->request->get($this->tokenKey);
|
: $this->getRequest()->request->get($this->tokenKey);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (empty($accessToken)) {
|
if (empty($accessToken)) {
|
||||||
|
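Review bot: In the hunk at `@ -184,7 +185,11`, the only test applied before `return true` is that the storage `get()` call produced an `AccessTokenEntity`; no expiry or revocation check is visible, so whether a stale token is rejected depends entirely on the storage implementation. If that is the intended contract, record it above the guard with a comment such as `// Storage must return null for unknown, expired or revoked tokens`; if it is not, an expiry test belongs between the `instanceof` guard and `return true`. The method now either returns true or throws, so its docblock (above the hunk, not visible here) presumably needs an `@throws` entry for `Exception\AccessDeniedException`, and callers that branch on a false return should catch the exception instead. The method body begins outside the hunk.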
@ -110,8 +110,8 @@ class ResourceServerTest extends \PHPUnit_Framework_TestCase
|
|||||||
$scopeStorage
|
$scopeStorage
|
||||||
);
|
);
|
||||||
|
|
||||||
$this->setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException');
|
$this->setExpectedException('League\OAuth2\Server\Exception\AccessDeniedException');
|
||||||
$server->isValidRequest();
|
$server->isValidRequest(false, 'foobar');
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testIsValid()
|
public function testIsValid()
|
||||||
|
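Review bot: With the call changed to `$server->isValidRequest(false, 'foobar');` and the expectation changed to `AccessDeniedException`, this test no longer exercises the request that carries no token at all, which presumably reaches the `empty($accessToken)` branch. Unless another test outside this hunk covers it, keep a separate case that calls `$server->isValidRequest();` and expects `League\OAuth2\Server\Exception\InvalidRequestException`, so that "no credentials sent" and "credentials rejected" remain distinguishable failures. The new assertion also only holds if the mocked access-token storage yields a non-entity for `'foobar'`; that setup sits above the hunk and is not visible here.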