justinyueh / oauth2-php

Automatically exported from code.google.com/p/oauth2-php
MIT License
0 stars 0 forks source link

resource owner #13

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
I can't seem to find a way to store and retrieve informations about the 
protected resource / resource owner.

E.g. verifyAccessToken() verifies that the access token is valid, but we don't 
now for what it is actually valid (e.g. for which resource / user account / 
...).

Original issue reported on code.google.com by arnaud.lb on 12 Mar 2011 at 9:15

GoogleCodeExporter commented 9 years ago
The following changes worked for me : 
http://code.google.com/r/arnaudlb-oauth2-php-clone/source/detail?r=5116210b74698
f5bbb410a4a7d2cac9a297c0739 

This just allows to pass some abstract data to finishClientAuthorization(), 
which is then stored in code/token tables, and returned by verifyAccessToken()).

This is backwards compatible.

The following changes also update the PDO example : 
http://code.google.com/r/arnaudlb-oauth2-php-clone/source/detail?r=0006c9e528d9a
9fe654ebb78b21e95718bb683f2

Original comment by arnaud.lb on 22 Mar 2011 at 7:59

GoogleCodeExporter commented 9 years ago
I faced the same problem.

Original comment by pg051...@gmail.com on 26 Sep 2011 at 10:03

GoogleCodeExporter commented 9 years ago
Ditto. This is a pretty big oversight. Kudos to arnaud for his commit, but IMO 
it isn't enough. The resource owner is just as important of an entity as the 
tokens and grants, and deserves dedicated handling in the library (not just a 
little "application data" dump).

The resource owner can be passed around as an opaque value, just like state is, 
but it deserves specific handling.

Original comment by johncren...@priacta.com on 8 Nov 2011 at 1:26

GoogleCodeExporter commented 9 years ago
John, it looks like the repository here on Google Code is abandoned. There are 
several forks on GitHub, perhaps you've got more luck with it.

Original comment by jens.k...@gmail.com on 8 Nov 2011 at 7:30

GoogleCodeExporter commented 9 years ago
Oh wow, I didn't think to check Git Hub for clones. Good call. After some 
digging I found that https://github.com/quizlet/oauth2-php appears to be a 
highly active clone. It resolves this issue, substantially improves the general 
architecture of the library, and appears to be regularly updating to deal with 
the revisions to the spec.

Original comment by johncren...@priacta.com on 8 Nov 2011 at 4:25

GoogleCodeExporter commented 9 years ago
Yeah, the quizlet fork is really up to date to the specs. You also should 
checkout https://github.com/jk/oauth2-php for a working PDO (SQL) example.

Original comment by jens.k...@gmail.com on 8 Nov 2011 at 4:36