Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

resource owner #13

Open
GoogleCodeExporter opened this issue Apr 8, 2016 · 6 comments
Open

resource owner #13

GoogleCodeExporter opened this issue Apr 8, 2016 · 6 comments
Labels
auto-migrated Priority-Medium Type-Defect

Comments

@GoogleCodeExporter
Copy link 

I can't seem to find a way to store and retrieve informations about the 
protected resource / resource owner.

E.g. verifyAccessToken() verifies that the access token is valid, but we don't 
now for what it is actually valid (e.g. for which resource / user account / 
...).

Original issue reported on code.google.com by arnaud.lb on 12 Mar 2011 at 9:15
@GoogleCodeExporter
Copy link
Author 

The following changes worked for me : 
http://code.google.com/r/arnaudlb-oauth2-php-clone/source/detail?r=5116210b74698
f5bbb410a4a7d2cac9a297c0739 

This just allows to pass some abstract data to finishClientAuthorization(), 
which is then stored in code/token tables, and returned by verifyAccessToken()).

This is backwards compatible.

The following changes also update the PDO example : 
http://code.google.com/r/arnaudlb-oauth2-php-clone/source/detail?r=0006c9e528d9a
9fe654ebb78b21e95718bb683f2

Original comment by arnaud.lb on 22 Mar 2011 at 7:59

@GoogleCodeExporter
Copy link
Author 

I faced the same problem.

Original comment by [email protected] on 26 Sep 2011 at 10:03

@GoogleCodeExporter
Copy link
Author 

Ditto. This is a pretty big oversight. Kudos to arnaud for his commit, but IMO 
it isn't enough. The resource owner is just as important of an entity as the 
tokens and grants, and deserves dedicated handling in the library (not just a 
little "application data" dump).

The resource owner can be passed around as an opaque value, just like state is, 
but it deserves specific handling.

Original comment by [email protected] on 8 Nov 2011 at 1:26

@GoogleCodeExporter
Copy link
Author 

John, it looks like the repository here on Google Code is abandoned. There are 
several forks on GitHub, perhaps you've got more luck with it.

Original comment by [email protected] on 8 Nov 2011 at 7:30

@GoogleCodeExporter
Copy link
Author 

Oh wow, I didn't think to check Git Hub for clones. Good call. After some 
digging I found that https://github.com/quizlet/oauth2-php appears to be a 
highly active clone. It resolves this issue, substantially improves the general 
architecture of the library, and appears to be regularly updating to deal with 
the revisions to the spec.

Original comment by [email protected] on 8 Nov 2011 at 4:25

@GoogleCodeExporter
Copy link
Author 

Yeah, the quizlet fork is really up to date to the specs. You also should 
checkout https://github.com/jk/oauth2-php for a working PDO (SQL) example.

Original comment by [email protected] on 8 Nov 2011 at 4:36

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
auto-migrated Priority-Medium Type-Defect
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@GoogleCodeExporter