Open githubeing opened 4 years ago
in pdo storage, if there's no default scope, the method returns null: https://github.com/bshaffer/oauth2-server-php/blob/master/src/OAuth2/Storage/Pdo.php#L521
null
but in authorization controller, there's a strict type comparison with false, not null: https://github.com/bshaffer/oauth2-server-php/blob/master/src/OAuth2/Controller/AuthorizeController.php#L320
false
- therefore, instead of returning an error 'invalid_client', 'This application requires you specify a scope parameter', the auth controller returns an auth code if a client haven't specify a scope in their request.
'invalid_client', 'This application requires you specify a scope parameter'
could you please fix this?
in pdo storage, if there's no default scope, the method returns
null: https://github.com/bshaffer/oauth2-server-php/blob/master/src/OAuth2/Storage/Pdo.php#L521but in authorization controller, there's a strict type comparison with
false, notnull: https://github.com/bshaffer/oauth2-server-php/blob/master/src/OAuth2/Controller/AuthorizeController.php#L320- therefore, instead of returning an error
'invalid_client', 'This application requires you specify a scope parameter', the auth controller returns an auth code if a client haven't specify a scope in their request.could you please fix this?