[BUG] PAR success code should be 201 not 200?

[hvatum]

Describe the bug or unexpected behaviour

When authenticating against an IDP that demands PAR, the library rejects the response when the return code is 201. The library throws an exception, and does not continue.

According to https://datatracker.ietf.org/doc/html/rfc9126#section-2.2 the return code should be 201, but the code in PARTrait.php checks that is is 200, and throws if it is not.

Steps to reproduce the behavior

Set up authentication against an IDP with PAR support.

Expected behavior

The PAR endpoint returns "201 Created" and the library continues.

Environment:

• PHP version/OS: [8.4, Archlinux]
• Library version: [1.0.2]

Additional context

The behavior of the IDP should, according to According to https://datatracker.ietf.org/doc/html/rfc9126#section-2.2, be to return 201, not 200.

When I simply change 200 to 201 in https://github.com/chillerlan/php-oauth/blob/main/src/Core/PARTrait.php the authentication process works as expected.

[codemasher]

Good catch! Thank you! This is fixed in 35c7dc3.

[hvatum]

Thanks! That was a quick response!