Decouple from concrete validator

thephpleague / oauth2-server

A spec compliant, secure by default PHP OAuth 2.0 Server

https://oauth2.thephpleague.com

MIT License

6.51k stars 1.12k forks source link

Decouple from concrete validator #1228

Closed ElisDN closed 3 years ago

ElisDN commented 3 years ago

It decouples ResourceServer from checking of concrete BearerTokenValidator class.

Sephster commented 3 years ago

The server is not tied to the BearerTokenValidator at present, You can use any validator that implements the authorization validator interface. We check if you are using BearerTokenValidator because this required a public key to be set but there are no restrictions or enforcements of using this class.

Thank you for your efforts here but I don't think the original issue was identified correctly.