redirect uri is required on auth code
hafezdivandari committed Nov 9, 2024
1 parent 34d83aa commit c4c7362
Showing 2 changed files with 4 additions and 9 deletions.
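--- a/src/Grant/AbstractGrant.php
+++ b/src/Grant/AbstractGrant.php
@@ -165,13 +165,6 @@ protected function validateClient(ServerRequestInterface $request): ClientEntity
 }
 }
 
-// If a redirect URI is provided ensure it matches what is pre-registered
-$redirectUri = $this->getRequestParameter('redirect_uri', $request);
-
-if ($redirectUri !== null) {
-$this->validateRedirectUri($redirectUri, $client, $request);
-}
-
 return $client;
 }
 
@@ -233,13 +226,13 @@ protected function getClientCredentials(ServerRequestInterface $request): array
 * @throws OAuthServerException
 */
 protected function validateRedirectUri(
-string $redirectUri,
+?string $redirectUri,
 ClientEntityInterface $client,
 ServerRequestInterface $request
 ): void {
 $validator = new RedirectUriValidator($client->getRedirectUri());
 
-if (!$validator->validateRedirectUri($redirectUri)) {
+if (is_null($redirectUri) || !$validator->validateRedirectUri($redirectUri)) {
 $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
 throw OAuthServerException::invalidClient($request);
 }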
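Review bot: In validateRedirectUri, the new `is_null($redirectUri)` branch reports an absent parameter through the same path as a mismatched one: it emits `RequestEvent::CLIENT_AUTHENTICATION_FAILED` and throws `invalidClient`. A missing required parameter is an `invalid_request` under RFC 6749 §5.2, and counting it as a failed client authentication adds noise to anything that monitors or rate-limits on that event. Consider handling it before the validator call, `if ($redirectUri === null) { throw OAuthServerException::invalidRequest('redirect_uri'); }`, which also matches the `=== null` comparisons seen elsewhere on this page. Widening the parameter to `?string` on a protected method will break subclasses that override it with `string $redirectUri`, so it deserves a changelog entry, and the docblock above should state that null is rejected. The method's closing brace lies outside the hunk.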
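--- a/src/Grant/AuthCodeGrant.php
+++ b/src/Grant/AuthCodeGrant.php
@@ -98,6 +98,8 @@ public function respondToAccessTokenRequest(
 ): ResponseTypeInterface {
 $client = $this->validateClient($request);
 
+$this->validateRedirectUri($this->getRequestParameter('redirect_uri', $request), $client, $request);
+
 $encryptedAuthCode = $this->getRequestParameter('code', $request);
 
 if ($encryptedAuthCode === null) {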
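Review bot: The added call in respondToAccessTokenRequest only checks `redirect_uri` against the URIs registered for the client; the hunk does not show it being compared with the redirect URI the authorization code was issued for, which is the binding RFC 6749 §4.1.3 requires at the token endpoint. If that comparison happens further down (the method continues outside the hunk), a comment here would make the split clear, e.g. `// redirect_uri is mandatory here and must be a registered URI; equality with the URI bound to the code is checked below`. Reading the parameter once into a local, `$redirectUri = $this->getRequestParameter('redirect_uri', $request);`, would let both checks use the same value. Neither changed file is a test, so a case for a token request without `redirect_uri` would be worth adding.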
