Comments (9)
I also wonder why the User entity is not passed instead the identifier . This one is used only here:
vendor/league/oauth2-server/src/Grant/AbstractGrant.php
protected function issueAuthCode(
DateInterval $authCodeTTL,
ClientEntityInterface $client,
$userIdentifier,
$redirectUri,
array $scopes = []
) {
$maxGenerationAttempts = self::MAX_RANDOM_TOKEN_GENERATION_ATTEMPTS;
$authCode = $this->authCodeRepository->getNewAuthCode();
$authCode->setExpiryDateTime((new DateTimeImmutable())->add($authCodeTTL));
$authCode->setClient($client);
$authCode->setUserIdentifier($userIdentifier);
vendor/league/oauth2-server/src/Grant/AuthCodeGrant.php
if ($authorizationRequest->isAuthorizationApproved() === true) {
$authCode = $this->issueAuthCode(
$this->authCodeTTL,
$authorizationRequest->getClient(),
$authorizationRequest->getUser()->getIdentifier(),
$authorizationRequest->getRedirectUri(),
$authorizationRequest->getScopes()
And it looks like there is no problem to pass the whole User entity.
On the other hand the current behavior, i.e. using the identifier allows loading the users from somewhere else which I guess is the main idea behind this.
from oauth2-server.
Have you looked at the bundle for Symfony? It might be easier to integrate with your application using it
from oauth2-server.
@Sephster Unfortunately, we cannot use it as we have old Symfony version and not updated yet. But it's a good idea to look there for a workaround, thanks.
from oauth2-server.
@Sephster I see that the Symfony bundle doesn't make any foreign keys in the persistense entities and just fills DB with schema initialization code. It doesn't suit our requirements, we should make database manipulations with migrations.
I just can't understand why in this particular field you don't operate interface and use id. It doesn't make any sense for me.
from oauth2-server.
I can't speak as to why the code is like that as I didn't write the lines you are referencing. I am not sure why this would have such a bearing on your application code though. Are you able to share example code?
I believe people have successfully implemented this lib using Doctrine as the backend in the past as this issue hasn't been raised before so I'm hoping the fix can be done in userland rather than this codebase if possible
from oauth2-server.
Of course, I already found a workaround, but it looks a bit ugly.
from oauth2-server.
@sgoranov yes, I'm talking about the same: always when we're going to link accessToken/authCode to a user, we can pass User entity either and loose nothing. But looks like the code base already cannot be adapted for this, and it will break backward compatibility.
I only wanted to know what decision brought developers to this and understand the solution.
from oauth2-server.
The original developer of this is no longer involved in the project so I can't speak as to why it was implemented that way. Do you have a link to the Doctrine behaviour stating you must pass an object to create a relation? Thanks
from oauth2-server.
Closing due to lack of response
from oauth2-server.
Related Issues (20)
- Configuring client_id and client_secret HOT 2
- Custom unique identifier generator
- Bump league/uri to ^7.0 (psr/http-message:^2.0 related) HOT 4
- Documentation: AuthCode grant redirect_uri must match authorization request
- RefreshTokenGrant requires client_secret also for non-confidential clients HOT 3
- how to validate client when exchanging auth code for access token HOT 1
- Class "League\Uri\UriString" not found HOT 8
- Reuse or revoke existing or access and refresh tokens on new auth HOT 10
- Google warning - Deceptive site ahead HOT 8
- Implict grant for OIDC not supported HOT 1
- Test Refresh Token Fails on Google Home Test Suite HOT 2
- Possibility of using different encryptor for shortening auth code HOT 2
- Does anyone know if this library is vulnerable to this hack? HOT 1
- Support league/event v3 HOT 4
- League/Oauth2-Server Key Exposure In Exception Message HOT 2
- AccessTokenTrait::__toString gives different result each call HOT 1
- Wrong Type in DocBlock 3rd param `AbstractGrant::issueAccessToken` HOT 1
- AuthCodeGrant applies wrong validation rules on code_challenge HOT 4
- 2FA HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from oauth2-server.