From 76f2f6a5e13fcca960959d9a662a0a609941d130 Mon Sep 17 00:00:00 2001
From: Alex Bilbie
Date: Thu, 9 May 2013 10:43:44 -0700
Subject: [PATCH] Don't delete old sessions when issuing new access tokens using the Password or Client Credential grants. Fixes #32
---
 src/League/OAuth2/Server/Grant/ClientCredentials.php | 3 ---
 src/League/OAuth2/Server/Grant/Password.php | 3 ---
 2 files changed, 6 deletions(-)
diff --git a/src/League/OAuth2/Server/Grant/ClientCredentials.php b/src/League/OAuth2/Server/Grant/ClientCredentials.php
index 027a51d9..363dfb53 100644
--- a/src/League/OAuth2/Server/Grant/ClientCredentials.php
+++ b/src/League/OAuth2/Server/Grant/ClientCredentials.php
@@ -149,9 +149,6 @@ class ClientCredentials implements GrantTypeInterface {
 $accessTokenExpiresIn = ($this->accessTokenTTL !== null) ? $this->accessTokenTTL : $this->authServer->getAccessTokenTTL();
 $accessTokenExpires = time() + $accessTokenExpiresIn;
- // Delete any existing sessions just to be sure
- $this->authServer->getStorage('session')->deleteSession($authParams['client_id'], 'client', $authParams['client_id']);
-
 // Create a new session
 $sessionId = $this->authServer->getStorage('session')->createSession($authParams['client_id'], 'client', $authParams['client_id']);
diff --git a/src/League/OAuth2/Server/Grant/Password.php b/src/League/OAuth2/Server/Grant/Password.php
index eff20f32..9cbb90e9 100644
--- a/src/League/OAuth2/Server/Grant/Password.php
+++ b/src/League/OAuth2/Server/Grant/Password.php
@@ -193,9 +193,6 @@ class Password implements GrantTypeInterface {
 $accessTokenExpiresIn = ($this->accessTokenTTL !== null) ? $this->accessTokenTTL : $this->authServer->getAccessTokenTTL();
 $accessTokenExpires = time() + $accessTokenExpiresIn;
- // Delete any existing sessions just to be sure
- $this->authServer->getStorage('session')->deleteSession($authParams['client_id'], 'user', $userId);
-
 // Create a new session
 $sessionId = $this->authServer->getStorage('session')->createSession($authParams['client_id'], 'user', $userId);