Merge pull request #1112 from Sephster/pass-authcode-to-finalize-scopes

Pass authcode to finalize scopes
thephpleague · Apr 18, 2020 · 4e0b715 · 4e0b715
2 parents 21d1f9a + ebeb0f4
commit 4e0b715
Show file tree

Hide file tree

Showing 4 changed files with 11 additions and 4 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -19,6 +19,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ### Changed (v9)
 - Authorization Request objects are now created through the factory method, `createAuthorizationRequest()` (PR #1111)
+- Changed parameters for `finalizeScopes()` to allow a reference to an auth code ID (PR #1112)
 
 ### Changed
 - If an error is encountered when running `preg_match()` to validate an RSA key, the server will now throw a RuntimeException (PR #1047)

diff --git a/src/Grant/AuthCodeGrant.php b/src/Grant/AuthCodeGrant.php
@@ -119,7 +119,8 @@ public function respondToAccessTokenRequest(
                 $this->validateScopes($authCodePayload->scopes),
                 $this->getIdentifier(),
                 $client,
-                $authCodePayload->user_id
+                $authCodePayload->user_id,
+                $authCodePayload->auth_code_id
             );
         } catch (LogicException $e) {
             throw OAuthServerException::invalidRequest('code', 'Cannot decrypt the authorization code', $e);

diff --git a/src/Grant/PasswordGrant.php b/src/Grant/PasswordGrant.php
@@ -53,8 +53,11 @@ public function respondToAccessTokenRequest(
         $scopes = $this->validateScopes($this->getRequestParameter('scope', $request, $this->defaultScope));
         $user = $this->validateUser($request, $client);
 
-        // Finalize the requested scopes
-        $finalizedScopes = $this->scopeRepository->finalizeScopes($scopes, $this->getIdentifier(), $client, $user->getIdentifier());
+        $finalizedScopes = $this->scopeRepository->finalizeScopes(
+            $scopes,
+            $this->getIdentifier(),
+            $client,
+            $user->getIdentifier());
 
         // Issue and persist new access token
         $accessToken = $this->issueAccessToken($accessTokenTTL, $client, $user->getIdentifier(), $finalizedScopes);

diff --git a/src/Repositories/ScopeRepositoryInterface.php b/src/Repositories/ScopeRepositoryInterface.php
@@ -34,13 +34,15 @@ public function getScopeEntityByIdentifier($identifier);
      * @param string                 $grantType
      * @param ClientEntityInterface  $clientEntity
      * @param null|string            $userIdentifier
+     * @param null|string            $authCodeId
      *
      * @return ScopeEntityInterface[]
      */
     public function finalizeScopes(
         array $scopes,
         $grantType,
         ClientEntityInterface $clientEntity,
-        $userIdentifier = null
+        $userIdentifier = null,
+        $authCodeId = null
     );
 }