diff --git a/src/Grant/AbstractGrant.php b/src/Grant/AbstractGrant.php
index 21909712..cef10008 100644
--- a/src/Grant/AbstractGrant.php
+++ b/src/Grant/AbstractGrant.php
@@ -161,7 +161,8 @@ abstract class AbstractGrant implements GrantTypeInterface
 $client = $this->clientRepository->getClientEntity(
 $clientId,
 $this->getIdentifier(),
- $clientSecret
+ $clientSecret,
+ true
 );
 if (!$client instanceof ClientEntityInterface) {
diff --git a/src/Grant/AuthCodeGrant.php b/src/Grant/AuthCodeGrant.php
index 64ae2dcc..75454707 100644
--- a/src/Grant/AuthCodeGrant.php
+++ b/src/Grant/AuthCodeGrant.php
@@ -165,7 +165,9 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
 $client = $this->clientRepository->getClientEntity(
 $clientId,
- $this->getIdentifier()
+ $this->getIdentifier(),
+ null,
+ false
 );
 if ($client instanceof ClientEntityInterface === false) {
diff --git a/src/Grant/ImplicitGrant.php b/src/Grant/ImplicitGrant.php
index e7ac0d15..6dc53172 100644
--- a/src/Grant/ImplicitGrant.php
+++ b/src/Grant/ImplicitGrant.php
@@ -117,7 +117,9 @@ class ImplicitGrant extends AbstractAuthorizeGrant
 $client = $this->clientRepository->getClientEntity(
 $clientId,
- $this->getIdentifier()
+ $this->getIdentifier(),
+ null,
+ false
 );
 if ($client instanceof ClientEntityInterface === false) {
diff --git a/src/Repositories/ClientRepositoryInterface.php b/src/Repositories/ClientRepositoryInterface.php
index a5d4c32d..fc56c2f3 100644
--- a/src/Repositories/ClientRepositoryInterface.php
+++ b/src/Repositories/ClientRepositoryInterface.php
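Review bot: The bare `true` added as the fourth argument to `getClientEntity()` in AbstractGrant.php is the only thing at this call site that asks for the client secret to be checked. The guard that follows (`if (!$client instanceof ClientEntityInterface)`) tests only the return type, so the check holds only if the repository implementation honours the flag and returns a non-entity on a mismatch. I would say so on the line, e.g. `true // $mustValidateSecret: repository must reject a confidential client whose secret does not match`. The enclosing method starts and ends outside the hunk, so how `$clientSecret` is obtained, and whether it can be null here, is not visible.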
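Review bot: The `null, false` arguments added to `getClientEntity()` in AuthCodeGrant.php, and identically in the ImplicitGrant.php hunk, switch secret validation off with no comment saying why that is safe. Presumably both calls sit in the authorization-request path, where the client is only identified and the redirect URI check is what binds the request to it; that is inferred, since the enclosing methods are outside the hunks. A one-line comment such as `// authorization request: client is identified, not authenticated, so no secret is checked here` would keep a later reader from copying this form into a token-endpoint path. For the implicit grant there is no later authenticated step, so it is worth confirming that repositories use `$grantType` to refuse this flow for clients that should not use it.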
@@ -16,11 +16,13 @@ interface ClientRepositoryInterface extends RepositoryInterface
 /**
 * Get a client.
 *
- * @param string $clientIdentifier The client's identifier
- * @param string $grantType The grant type used
- * @param null|string $clientSecret The client's secret (if sent)
+ * @param string $clientIdentifier The client's identifier
+ * @param string $grantType The grant type used
+ * @param null|string $clientSecret The client's secret (if sent)
+ * @param bool $mustValidateSecret If true the client must attempt to validate the secret unless the client
+ * is confidential
 *
 * @return \League\OAuth2\Server\Entities\ClientEntityInterface
 */
- public function getClientEntity($clientIdentifier, $grantType, $clientSecret = null);
+ public function getClientEntity($clientIdentifier, $grantType, $clientSecret = null, $mustValidateSecret = true);
 }
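Review bot: The new `$mustValidateSecret` docblock says "unless the client is confidential", which appears inverted, because confidential clients are the ones that hold a secret. It also says "the client must attempt", although the party doing the validation is the repository implementation; the text presumably means `If true the repository must validate the secret if the client is confidential`. Implementers will write their secret check from this sentence, so the wording is part of the security contract. The `@return` line could also state what is returned when the client is unknown or the secret does not match, since the callers in the grant classes only test `instanceof ClientEntityInterface`. Existing implementations that keep the three-parameter signature will no longer be compatible with the interface, which is worth calling out in the upgrade notes.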