fixes bshaffer#191 - passes config to HttpBasic

bshaffer · bshaffer · commit 39520a90019d · 2013-07-16T11:08:02.000-06:00
diff --git a/src/OAuth2/Server.php b/src/OAuth2/Server.php
@@ -102,6 +102,7 @@ public function __construct($storage = array(), array $config = array(), array $
             'enforce_state'            => true,
             'require_exact_redirect_uri' => true,
             'allow_implicit'           => false,
+            'allow_credentials_in_request_body' => true,
         ), $config);
 
         foreach ($grantTypes as $key => $grantType) {
@@ -387,7 +388,8 @@ protected function createDefaultTokenController()
                     if (!isset($this->storages['client_credentials'])) {
                         throw new \LogicException("You must supply a storage object implementing OAuth2\Storage\ClientCredentialsInterface to use the token server");
                     }
-                    $this->clientAssertionType = new HttpBasic($this->storages['client_credentials']);
+                    $config = array_intersect_key($this->config, array('allow_credentials_in_request_body' => ''));
+                    $this->clientAssertionType = new HttpBasic($this->storages['client_credentials'], $config);
                     break;
                 }
             }
diff --git a/test/OAuth2/ServerTest.php b/test/OAuth2/ServerTest.php
@@ -249,6 +249,22 @@ public function testCustomClientAssertionType()
         $server->handleTokenRequest($request, $response = new Response());
     }
 
+    public function testHttpBasicConfig()
+    {
+        // create mock storage
+        $storage = Bootstrap::getInstance()->getMemoryStorage();
+        $server = new Server(array($storage), array('allow_credentials_in_request_body' => false));
+        $server->getTokenController();
+        $httpBasic = $server->getClientAssertionType();
+
+        $reflection = new \ReflectionClass($httpBasic);
+        $prop = $reflection->getProperty('config');
+        $prop->setAccessible(true);
+
+        $config = $prop->getValue($httpBasic); // get the private "storages" property
+        $this->assertEquals($config['allow_credentials_in_request_body'], false);
+    }
+
     /**
      * @expectedException InvalidArgumentException OAuth2\ResponseType\AuthorizationCodeInterface
      **/

Original file line number	Diff line number	Diff line change
`@@ -102,6 +102,7 @@ public function __construct($storage = array(), array $config = array(), array $`
`102`	`102`	`'enforce_state' => true,`
`103`	`103`	`'require_exact_redirect_uri' => true,`
`104`	`104`	`'allow_implicit' => false,`
	`105`	`+ 'allow_credentials_in_request_body' => true,`
`105`	`106`	`), $config);`
`106`	`107`
`107`	`108`	`foreach ($grantTypes as $key => $grantType) {`
`@@ -387,7 +388,8 @@ protected function createDefaultTokenController()`
`387`	`388`	`if (!isset($this->storages['client_credentials'])) {`
`388`	`389`	`throw new \LogicException("You must supply a storage object implementing OAuth2\Storage\ClientCredentialsInterface to use the token server");`
`389`	`390`	`}`
`390`		`- $this->clientAssertionType = new HttpBasic($this->storages['client_credentials']);`
	`391`	`+ $config = array_intersect_key($this->config, array('allow_credentials_in_request_body' => ''));`
	`392`	`+ $this->clientAssertionType = new HttpBasic($this->storages['client_credentials'], $config);`
`391`	`393`	`break;`
`392`	`394`	`}`
`393`	`395`	`}`