Fix #1670 API password grant type authentication is broken

2025-10-10 11:33:17 +00:00 · 2014-01-22 15:56:57 +01:00
parent f58a1ee544
commit a960150caa
1 changed files with 4 additions and 6 deletions
--- a/lib/classes/API/OAuth2/Adapter.php
+++ b/lib/classes/API/OAuth2/Adapter.php
@@ -798,7 +798,7 @@ class API_OAuth2_Adapter extends OAuth2
    protected function checkUserCredentials($client_id, $username, $password)
    {
        try {
-            $application = API_OAuth2_Application::load_from_client_id($this->app, $client_id);
+            $this->setClient(API_OAuth2_Application::load_from_client_id($this->app, $client_id));

            $usr_id = $this->app['auth.native']->getUsrId($username, $password, Request::createFromGlobals());

@@ -806,13 +806,11 @@ class API_OAuth2_Adapter extends OAuth2
                return false;
            }

-            $user = \User_Adapter::getInstance($usr_id, $this->app);
-
-            $account = API_OAuth2_Account::load_with_user($this->app, $application, $user);
+            $account = $this->updateAccount($usr_id);

            return array(
-                'redirect_uri' => $application->get_redirect_uri()
-                , 'client_id'    => $application->get_client_id()
+                'redirect_uri' => $this->client->get_redirect_uri()
+                , 'client_id'    => $this->client->get_client_id()
                , 'account_id'   => $account->get_id()
            );
        } catch (AccountLockedException $e) {