oauth2-server-php icon indicating copy to clipboard operation
oauth2-server-php copied to clipboard
verified publisher icon bshaffer

Documentation and logging improvements for Authorisation grant types

Open datamystic opened this issue 4 years ago • 0 comments

Having spent hours trying to debug Authorisation grant types, I recommend that the samples include code blocks for it:

// Add the "Authorization Code" grant type (this is where the oauth magic happens)
$server->addGrantType(new OAuth2\GrantType\AuthorizationCode($storage));
// Add the "Refresh Token" grant type
$server->addGrantType(new OAuth2\GrantType\RefreshToken($storage));

Also, the database structure is undocumented with regard to how multiple grant types should be stored against a particular client. I had to experiment to find that the grant types should be space-separated. The error messages should be more prescriptive with regard to fixing an unknown grant type so that logs can be inspected and changes made.

datamystic avatar Apr 15 '21 23:04 datamystic