oauth2-server-php-docs icon indicating copy to clipboard operation
oauth2-server-php-docs copied to clipboard

Published 20 hours ago verified publisher icon bshaffer

Error response

Open ianchlee opened this issue 6 years ago • 1 comments

When I send an request to a resource controller without the access token, I receive no response (no error saying access token is required). Is this intentional? I do receive a error response if the access token is wrong.

if (!$server->verifyResourceRequest(OAuth2\Request::createFromGlobals())) { $server->getResponse()->send(); die; }

ianchlee avatar Apr 26 '18 10:04 ianchlee

Nope, I don't think it's intended. I see in OAuth2\Response class that send immediately returns if you've already sent the headers:

        // headers have already been sent by the developer
        if (headers_sent()) {
            return;
        }

I'm using this library inside Slim, so I'm using its Response object to send the final output like this:

    public function authorize(Request $request, Response $response, array $args)
    {
        $oauthServer = $this->container->get('OAUTH_SERVER');

        if (!$oauthServer->validateAuthorizeRequest(OAuthRequest::createFromGlobals())) {
            $oauthResponse = $oauthServer->getResponse();
            return $response
                ->withStatus($oauthResponse->getStatusCode())
                ->write($oauthResponse->getResponseBody());
        }
     ....

chrisvoo avatar May 08 '19 09:05 chrisvoo