Skip to content
Browse files

abstract password hashing in a way that supports custom hashes in

AuthComponent
  • Loading branch information...
1 parent 8ef36ee commit baa88285682a36cf178b55ba4d5f75a2135083cb @mikesmullin committed Aug 14, 2011
Showing with 13 additions and 7 deletions.
  1. +13 −7 libs/o_auth2_lib.php
View
20 libs/o_auth2_lib.php
@@ -212,16 +212,22 @@ protected function store_auth_code($code, $client_id, $redirect_uri, $expires, $
* Required for USER_CREDENTIALS_GRANT_TYPE
*/
public function check_user_credentials($client_id, $username, $password) {
- $Auth = Configure::read('OAuth2Server.Auth.className');
- return (boolean)
+ if (
!empty($username)
&& !empty($password)
-
+ ) {
// use CakePHP Auth Component to validate user credentials
- && $this->controller->$Auth->identify(array(
- Configure::read('OAuth2Server.Auth.fields.username') => $username,
- Configure::read('OAuth2Server.Auth.fields.password') => $Auth == 'Auth'? Security::hash($password, null, true) : $password // only hash password for AuthComponent
- ));
+ $Auth = Configure::read('OAuth2Server.Auth.className');
+ $data = array(
+ Configure::read('OAuth2Server.Auth.fields.username') => $username,
+ Configure::read('OAuth2Server.Auth.fields.password') => $password
+ );
+ if ($Auth == 'Auth') { // only pre-hash passwords for original Auth component
+ $data = $this->controller->$Auth->hashPasswords($data);
+ }
+ return (boolean) $this->controller->$Auth->identify($data);
+ }
+ return false;
}
/**

0 comments on commit baa8828

Please sign in to comment.
Something went wrong with that request. Please try again.