Comments (8)
guillerodriguez
commented on July 24, 2024
Also see: firebase/php-jwt#531
from oauth2-server-php.
bshaffer
commented on July 24, 2024
We could follow the pattern set by the other controllers here, and pass the Request to the encryption util, and that could set the proper response code and error message. Would that be sufficient?
from oauth2-server-php.
guillerodriguez
commented on July 24, 2024
Yes, that would indeed be sufficient. FirebaseJwt can then handle
ExpireException separately from other exceptions.
… We could follow the pattern set by the other controllers here, and pass
the Request to the encryption util, and that could set the proper
response code and error message. Would that be sufficient?
—
Reply to this email directly, view it on GitHub
<#1053 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAS67KFSGQRNWLZDM4QLIHLXXYZWTANCNFSM6AAAAAA4C7KOMM>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
--
Guillermo Rodriguez Garcia
***@***.***
from oauth2-server-php.
bshaffer
commented on July 24, 2024
Would you be willing to submit a pull request for the suggested changes?
On Tue, Aug 29, 2023 at 2:46 PM Guillermo Rodríguez < ***@***.***> wrote:
Yes, that would indeed be sufficient. FirebaseJwt can then handle
ExpireException separately from other exceptions.
> We could follow the pattern set by the other controllers here, and pass
> the Request to the encryption util, and that could set the proper
> response code and error message. Would that be sufficient?
>
> —
> Reply to this email directly, view it on GitHub
> <
#1053 (comment)>,
> or unsubscribe
> <
https://github.com/notifications/unsubscribe-auth/AAS67KFSGQRNWLZDM4QLIHLXXYZWTANCNFSM6AAAAAA4C7KOMM>
> .
> You are receiving this because you authored the thread.Message ID:
> ***@***.***>
>
--
Guillermo Rodriguez Garcia
***@***.***
—
Reply to this email directly, view it on GitHub
<#1053 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAZMBOCVHBX6R75TNE4P7LXXZPKNANCNFSM6AAAAAA4C7KOMM>
.
You are receiving this because you commented.Message ID:
***@***.***>
--
Brent Shaffer
from oauth2-server-php.
guillerodriguez
commented on July 24, 2024
@bshaffer I can try. This requires modifying the API of AccessTokenInterface and EncryprionUtil to take a Response (I assume you meant this rather than Request), which will break API compatibility. Is this ok ?
from oauth2-server-php.
guillerodriguez
commented on July 24, 2024
@bshaffer Specifically this would require the following API changes:
- Modify
AccessTokenInterface::getAccessTokento take aResponseInterface - Modify
EncryptionInterface::decodeto take aResponseInterface
Is this ok ?
from oauth2-server-php.
guillerodriguez
commented on July 24, 2024
@bshaffer Can you confirm the outlined approach is OK?
from oauth2-server-php.
guillerodriguez
commented on July 24, 2024
@bshaffer I am happy to prepare a PR with the changes that we have discussed but I would need some feedback on the suggested approach (see my earlier comment about API changes). Can you comment on this?
from oauth2-server-php.
Related Issues (20)
- After creating User Credentials root Problem when calling refresh_token
- User Credentials grant doesn't verify user_id vs Client Credentials user_id
- Example project is not compatable for php version >= 8.1 HOT 1
- Revoking token
- unable to generate access token
- PKCE Support, please HOT 1
- Integration with Psr\Http\Message\ RequestInterface and ResponseInterface HOT 1
- [QUESTION] OpenID Connect Back-Channel Logout
- Firebase/JWT <6 is considered security risk HOT 6
- Different user database depending on client_id
- Add getToken() to ResourceControllerInterface
- cors issue with authorize.php
- Help with error using JWT?
- Ci4 OAuth2 ACCESS_TOKEN invalid
- Step-by-step Walkthrough not up-to-date HOT 2
- Not possible to inject custom implementation of EncryptionInterface without overriding whole createDefaultIdTokenResponseType() or whole response type
- how do i use cookie
- http://192.168.1.205/authorize.php?response_type=code&client_id=testclient&state=xyz HOT 2
- Device Authorization Grant support
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from oauth2-server-php.