-
-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AccessTokenEntityInterface::getNewToken() and scopes parameter. #715
Comments
Hi @Danack - Apologies for the delayed response. This looks like a bug to me as you are correct in that we are likely double entering scopes. This shouldn't created duplicates against the access token though as these are indexed on the scope ID: oauth2-server/src/Entities/Traits/TokenEntityTrait.php Lines 42 to 45 in 9fc288c
The easiest fix would be to remove the duplicate code from the Abstract Grant but I will need to do a thorough check to make sure this won't break anything. Thanks for reporting this |
I hit the same issue as well and was wondering why the |
This issue was originally tackled in #553 but reverted as it introduced a breaking change. I think it should be reinstated for version 8. |
I wanted to ask the same question. If it is to execute additional logic, why dont you use an event system? |
Hi,
Please could you clarify for me what an implementation of AccessTokenEntityInterface should do with the scopes parameter in getNewToken() ? or any of the parameters actually.
The getNewToken method is called, and then immediately scopes are added to the token again, which lead to the scopes being double entered on my implementation.
oauth2-server/src/Grant/AbstractGrant.php
Lines 335 to 342 in bf7084a
cheers
Dan
The text was updated successfully, but these errors were encountered: