allow scopes extraction on GET requests for auth_code and implicit grants

2025-05-31 14:12:07 +05:30 · 2016-03-14 00:12:14 +01:00
parent c3ffed2daf
commit ced63e2051
7 changed files with 18 additions and 25 deletions
--- a/src/Grant/AbstractGrant.php
+++ b/src/Grant/AbstractGrant.php
@@ -226,7 +226,7 @@ abstract class AbstractGrant implements GrantTypeInterface
    /**
     * Validate scopes in the request.
     *
-     * @param \Psr\Http\Message\ServerRequestInterface                        $request
+     * @param string                                                          $scopes
     * @param \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface $client
     * @param string                                                          $redirectUri
     *
@@ -235,13 +235,12 @@ abstract class AbstractGrant implements GrantTypeInterface
     * @return \League\OAuth2\Server\Entities\ScopeEntity[]
     */
    public function validateScopes(
-        ServerRequestInterface $request,
+        $scopes,
        ClientEntityInterface $client,
        $redirectUri = null
    ) {
-        $requestedScopes = $this->getRequestParameter('scope', $request);
        $scopesList = array_filter(
-            explode(self::SCOPE_DELIMITER_STRING, trim($requestedScopes)),
+            explode(self::SCOPE_DELIMITER_STRING, trim($scopes)),
            function ($scope) {
                return !empty($scope);
            }