Fix API password grant type authentication

2025-10-09 19:13:26 +00:00 · 2013-10-03 17:12:46 +02:00
parent 77e37e710a
commit 9fc8fbc194
2 changed files with 13 additions and 7 deletions
--- a/lib/Alchemy/Phrasea/Controller/Api/Oauth2.php
+++ b/lib/Alchemy/Phrasea/Controller/Api/Oauth2.php
@@ -90,9 +90,9 @@ class Oauth2 implements ControllerProviderInterface
                    }

                    $app['authentication']->openAccount(\User_Adapter::getInstance($usr_id, $app));
-                } else {
-                    return new Response($app['twig']->render($template, array("auth" => $oauth2_adapter)));
                }
+
+                return new Response($app['twig']->render($template, array("auth" => $oauth2_adapter)));
            }

            //check if current client is already authorized by current user
@@ -128,9 +128,13 @@ class Oauth2 implements ControllerProviderInterface
                $params = $oauth2_adapter->finishNativeClientAuthorization($app_authorized, $params);

                return new Response($app['twig']->render("api/auth/native_app_access_token.html.twig", $params));
-            } else {
-                $oauth2_adapter->finishClientAuthorization($app_authorized, $params);
            }
+
+            $oauth2_adapter->finishClientAuthorization($app_authorized, $params);
+
+            // As OAuth2 library already outputs response content, we need to send an empty
+            // response to avoid breaking silex controller
+            return '';
        };

        $controllers->match('/authorize', $authorize_func)
@@ -150,7 +154,9 @@ class Oauth2 implements ControllerProviderInterface
            ob_flush();
            flush();

-            return;
+            // As OAuth2 library already outputs response content, we need to send an empty
+            // response to avoid breaking silex controller
+            return '';
        });

        return $controllers;
--- a/lib/classes/API/OAuth2/Adapter.php
+++ b/lib/classes/API/OAuth2/Adapter.php
@@ -258,7 +258,7 @@ class API_OAuth2_Adapter extends OAuth2
    protected function setAccessToken($oauth_token, $account_id, $expires, $scope = NULL)
    {
        $account = new API_OAuth2_Account($this->app, $account_id);
-        $token = API_OAuth2_Token::create($this->app, $account, $scope);
+        $token = API_OAuth2_Token::create($this->app['phraseanet.appbox'], $account, $scope);
        $token->set_value($oauth_token)->set_expires($expires);

        return $this;
@@ -800,7 +800,7 @@ class API_OAuth2_Adapter extends OAuth2
        try {
            $application = API_OAuth2_Application::load_from_client_id($this->app, $client_id);

-            $usr_id = $this->app['auth']->isValid($username, $password, Request::createFromGlobals());
+            $usr_id = $this->app['auth.native']->getUsrId($username, $password, Request::createFromGlobals());

            if (!$usr_id) {
                return false;