diff --git a/src/Grant/AbstractGrant.php b/src/Grant/AbstractGrant.php index 4531a6a3..65ab16cf 100644 --- a/src/Grant/AbstractGrant.php +++ b/src/Grant/AbstractGrant.php @@ -171,15 +171,7 @@ abstract class AbstractGrant implements GrantTypeInterface */ protected function validateClient(ServerRequestInterface $request) { - list($basicAuthUser, $basicAuthPassword) = $this->getBasicAuthCredentials($request); - - $clientId = $this->getRequestParameter('client_id', $request, $basicAuthUser); - - if (is_null($clientId)) { - throw OAuthServerException::invalidRequest('client_id'); - } - - $clientSecret = $this->getRequestParameter('client_secret', $request, $basicAuthPassword); + list($clientId, $clientSecret) = $this->getClientCredentials($request); if ($this->clientRepository->validateClient($clientId, $clientSecret, $this->getIdentifier()) === false) { $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request)); @@ -199,6 +191,29 @@ abstract class AbstractGrant implements GrantTypeInterface return $client; } + /** + * Gets the client credentials from the request from the request body or + * the Http Basic Authorization header + * + * @param ServerRequestInterface $request + * + * @return array + */ + protected function getClientCredentials(ServerRequestInterface $request) + { + list($basicAuthUser, $basicAuthPassword) = $this->getBasicAuthCredentials($request); + + $clientId = $this->getRequestParameter('client_id', $request, $basicAuthUser); + + if (is_null($clientId)) { + throw OAuthServerException::invalidRequest('client_id'); + } + + $clientSecret = $this->getRequestParameter('client_secret', $request, $basicAuthPassword); + + return [$clientId, $clientSecret]; + } + /** * Validate redirectUri from the request. * If a redirect URI is provided ensure it matches what is pre-registered diff --git a/src/Grant/AuthCodeGrant.php b/src/Grant/AuthCodeGrant.php index 974f8373..c340fe96 100644 --- a/src/Grant/AuthCodeGrant.php +++ b/src/Grant/AuthCodeGrant.php @@ -90,11 +90,7 @@ class AuthCodeGrant extends AbstractAuthorizeGrant ResponseTypeInterface $responseType, \DateInterval $accessTokenTTL ) { - $clientId = $this->getRequestParameter('client_id', $request, null); - - if ($clientId === null) { - throw OAuthServerException::invalidRequest('client_id'); - } + list($clientId) = $this->getClientCredentials($request); $client = $this->clientRepository->getClientEntity($clientId);