From d22f222e65c03623d8a2c829f5b853ca3e52f0f9 Mon Sep 17 00:00:00 2001
From: liverbool
Date: Sat, 13 Jan 2018 11:52:31 +0700
Subject: [PATCH 1/3] BUGFIX: Wrong redirect uri. This's bugfix when redirect on error.
---
 src/Grant/AuthCodeGrant.php | 4 ++--
 src/Grant/ImplicitGrant.php | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/Grant/AuthCodeGrant.php b/src/Grant/AuthCodeGrant.php
index 6f2b6ff8..6a342228 100644
--- a/src/Grant/AuthCodeGrant.php
+++ b/src/Grant/AuthCodeGrant.php
@@ -249,9 +249,9 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
 $scopes = $this->validateScopes(
 $this->getQueryStringParameter('scope', $request, $this->defaultScope),
- is_array($client->getRedirectUri())
+ $redirectUri ?: (is_array($client->getRedirectUri())
 ? $client->getRedirectUri()[0]
- : $client->getRedirectUri()
+ : $client->getRedirectUri())
 );
 $stateParameter = $this->getQueryStringParameter('state', $request);
diff --git a/src/Grant/ImplicitGrant.php b/src/Grant/ImplicitGrant.php
index f3c9e694..a10ac642 100644
--- a/src/Grant/ImplicitGrant.php
+++ b/src/Grant/ImplicitGrant.php
@@ -158,9 +158,9 @@ class ImplicitGrant extends AbstractAuthorizeGrant
 $scopes = $this->validateScopes(
 $this->getQueryStringParameter('scope', $request, $this->defaultScope),
- is_array($client->getRedirectUri())
+ $redirectUri ?: (is_array($client->getRedirectUri())
 ? $client->getRedirectUri()[0]
- : $client->getRedirectUri()
+ : $client->getRedirectUri())
 );
 // Finalize the requested scopes
From b3cd73cac7c788aa50d8a924ccfa0adbc9f1d5eb Mon Sep 17 00:00:00 2001
From: liverbool
Date: Fri, 9 Feb 2018 05:54:05 +0700
Subject: [PATCH 2/3] code cleaner cc. Co-Authored-By: Andrew Millington
---
 src/Grant/AuthCodeGrant.php | 12 ++++++------
 src/Grant/ImplicitGrant.php | 12 ++++++------
 2 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/src/Grant/AuthCodeGrant.php b/src/Grant/AuthCodeGrant.php
index 6a342228..7f83d3fe 100644
--- a/src/Grant/AuthCodeGrant.php
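Review bot: The second argument to `validateScopes()` in the first AuthCodeGrant hunk is now the request's `$redirectUri` whenever it is truthy, but the check of that value against the client's registered URIs is not visible here; the enclosing method starts and ends outside the hunk. If that argument is the target for scope-error redirects, as the commit subject suggests, the value must already have been matched exactly. A comment on the call such as `// $redirectUri has already been matched against the client's registered URIs` would record that invariant. `?:` also treats `''` and `'0'` as absent; assuming a missing parameter yields null, `$redirectUri !== null ? $redirectUri : (...)` states the intent. The ImplicitGrant hunk carries the same expression.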
+++ b/src/Grant/AuthCodeGrant.php
@@ -240,18 +240,18 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
 $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
 throw OAuthServerException::invalidClient();
 }
- } elseif (is_array($client->getRedirectUri()) && count($client->getRedirectUri()) !== 1
- || empty($client->getRedirectUri())
- ) {
+ } elseif (empty($client->getRedirectUri())) {
 $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
 throw OAuthServerException::invalidClient();
+ } else {
+ $redirectUri = is_array($client->getRedirectUri())
+ ? $client->getRedirectUri()[0]
+ : $client->getRedirectUri();
 }
 $scopes = $this->validateScopes(
 $this->getQueryStringParameter('scope', $request, $this->defaultScope),
- $redirectUri ?: (is_array($client->getRedirectUri())
- ? $client->getRedirectUri()[0]
- : $client->getRedirectUri())
+ $redirectUri
 );
 $stateParameter = $this->getQueryStringParameter('state', $request);
diff --git a/src/Grant/ImplicitGrant.php b/src/Grant/ImplicitGrant.php
index a10ac642..9dd80ce1 100644
--- a/src/Grant/ImplicitGrant.php
+++ b/src/Grant/ImplicitGrant.php
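Review bot: Assigning the client's default to `$redirectUri` in the new `else` branch erases the difference between a redirect URI the request supplied and one the server filled in. The method continues outside the hunk, so any later read of `$redirectUri` now sees the default. If that value is recorded with the authorization request, a token request could be held to a `redirect_uri` the client never sent, whereas RFC 6749 §4.1.3 requires the parameter only when the authorization request included it. Keeping the fallback in its own variable avoids this: `$defaultRedirectUri = is_array($client->getRedirectUri()) ? $client->getRedirectUri()[0] : $client->getRedirectUri();`, then pass `$redirectUri !== null ? $redirectUri : $defaultRedirectUri` to `validateScopes()`. The ImplicitGrant hunk of this patch makes the same assignment.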
@@ -149,18 +149,18 @@ class ImplicitGrant extends AbstractAuthorizeGrant
 $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
 throw OAuthServerException::invalidClient();
 }
- } elseif (is_array($client->getRedirectUri()) && count($client->getRedirectUri()) !== 1
- || empty($client->getRedirectUri())
- ) {
+ } elseif (empty($client->getRedirectUri())) {
 $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
 throw OAuthServerException::invalidClient();
+ } else {
+ $redirectUri = is_array($client->getRedirectUri())
+ ? $client->getRedirectUri()[0]
+ : $client->getRedirectUri();
 }
 $scopes = $this->validateScopes(
 $this->getQueryStringParameter('scope', $request, $this->defaultScope),
- $redirectUri ?: (is_array($client->getRedirectUri())
- ? $client->getRedirectUri()[0]
- : $client->getRedirectUri())
+ $redirectUri
 );
 // Finalize the requested scopes
From 5fb9fc929ac3d04ddd4141b0151a23483ab74141 Mon Sep 17 00:00:00 2001
From: Andrew Millington
Date: Sun, 11 Feb 2018 20:10:01 +0000
Subject: [PATCH 3/3] Reinstate check on client redirect URI to fail if multiple redirect URIs have been listed for the client and one has not been specified in the auth request
---
 src/Grant/AuthCodeGrant.php | 3 ++-
 src/Grant/ImplicitGrant.php | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/Grant/AuthCodeGrant.php b/src/Grant/AuthCodeGrant.php
index 7f83d3fe..ba77c99a 100644
--- a/src/Grant/AuthCodeGrant.php
+++ b/src/Grant/AuthCodeGrant.php
@@ -240,7 +240,8 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
 $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
 throw OAuthServerException::invalidClient();
 }
- } elseif (empty($client->getRedirectUri())) {
+ } elseif (is_array($client->getRedirectUri()) && count($client->getRedirectUri()) !== 1
+ || empty($client->getRedirectUri())) {
 $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
 throw OAuthServerException::invalidClient();
 } else {
diff --git a/src/Grant/ImplicitGrant.php b/src/Grant/ImplicitGrant.php
index 9dd80ce1..5a6fccb1 100644
--- a/src/Grant/ImplicitGrant.php
+++ b/src/Grant/ImplicitGrant.php
@@ -149,7 +149,8 @@ class ImplicitGrant extends AbstractAuthorizeGrant
 $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
 throw OAuthServerException::invalidClient();
 }
- } elseif (empty($client->getRedirectUri())) {
+ } elseif (is_array($client->getRedirectUri()) && count($client->getRedirectUri()) !== 1
+ || empty($client->getRedirectUri())) {
 $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
 throw OAuthServerException::invalidClient();
 } else {
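Review bot: The reinstated `elseif` condition in the AuthCodeGrant hunk mixes `&&` and `||` without parentheses, so a check that decides whether a default redirect URI may be used rests on operator precedence. Wrapping the first half, `(is_array($client->getRedirectUri()) && count($client->getRedirectUri()) !== 1)`, and adding `// No redirect_uri in the request: only unambiguous when exactly one URI is registered` above the branch would make the rule explicit. The diffstat lists only the two grant classes, so a regression test for a client with several registered URIs and no `redirect_uri` in the request appears to be missing, and this check was already dropped once in the series. The ImplicitGrant hunk has the same condition; both `if`/`elseif` chains begin outside the hunks.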