Hotfix to use the default generator for refresh tokens

vend · Feb 24, 2016 · 7936198 · 7936198
1 parent 3c7f688
commit 7936198
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 5 deletions.
diff --git a/src/League/OAuth2/Server/Grant/AuthCode.php b/src/League/OAuth2/Server/Grant/AuthCode.php
@@ -151,7 +151,7 @@ public function checkAuthoriseParams($inputParams = array())
     public function newAuthoriseRequest($type, $typeId, $authParams = array())
     {
         // Generate an auth code.
-        // We want to use the default generator for this
+        // Use the default token generator for this
         $authCode = (new DefaultGenerator())->generate();
 
         // Remove any old sessions the user might have
@@ -251,7 +251,8 @@ public function completeFlow($inputParams = null)
 
         // Associate a refresh token if set
         if ($this->authServer->hasGrantType('refresh_token')) {
-            $refreshToken = $this->getTokenGenerator()->generate();
+            // Use the default token generator for this
+            $refreshToken = (new DefaultGenerator())->generate();
             $refreshTokenTTL = time() + $this->authServer->getGrantType('refresh_token')->getRefreshTokenTTL();
             $this->authServer->getStorage('session')->associateRefreshToken($accessTokenId, $refreshToken, $refreshTokenTTL, $authParams['client_id']);
             $response['refresh_token'] = $refreshToken;

diff --git a/src/League/OAuth2/Server/Grant/Password.php b/src/League/OAuth2/Server/Grant/Password.php
@@ -13,6 +13,7 @@
 
 use League\OAuth2\Server\Authorization;
 use League\OAuth2\Server\Exception;
+use League\OAuth2\Server\Util\DefaultGenerator;
 
 /**
  * Password grant class
@@ -176,7 +177,8 @@ public function completeFlow($inputParams = null)
 
         // Associate a refresh token if set
         if ($this->authServer->hasGrantType('refresh_token')) {
-            $refreshToken = $this->getTokenGenerator()->generate();
+            // Use the default token generator for this
+            $refreshToken = (new DefaultGenerator())->generate();
             $refreshTokenTTL = time() + $this->authServer->getGrantType('refresh_token')->getRefreshTokenTTL();
             $this->authServer->getStorage('session')->associateRefreshToken($accessTokenId, $refreshToken, $refreshTokenTTL, $authParams['client_id']);
             $response['refresh_token'] = $refreshToken;

diff --git a/src/League/OAuth2/Server/Grant/RefreshToken.php b/src/League/OAuth2/Server/Grant/RefreshToken.php
@@ -13,6 +13,7 @@
 
 use League\OAuth2\Server\Authorization;
 use League\OAuth2\Server\Exception;
+use League\OAuth2\Server\Util\DefaultGenerator;
 
 /**
  * Referesh token grant
@@ -148,8 +149,9 @@ public function completeFlow($inputParams = null)
 
         if ($this->rotateRefreshTokens === true) {
 
-            // Generate a new refresh token
-            $refreshToken = $this->getTokenGenerator()->generate();
+            // Generate a new refresh token.
+            // Use the default token generator for this
+            $refreshToken = (new DefaultGenerator())->generate();
             $refreshTokenExpires = time() + $this->getRefreshTokenTTL();
 
             // Revoke the old refresh token