Updated examples

thephpleague · Apr 18, 2016 · 2a6f900 · 2a6f900
1 parent fb8f47e
commit 2a6f900
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 7 deletions.
diff --git a/examples/public/auth_code.php b/examples/public/auth_code.php
@@ -29,7 +29,7 @@
     ],
     AuthorizationServer::class => function () {
         // Init our repositories
-        $clientRepository = new ClientRepository();
+        $clientRepository = new ClientReptository();
         $scopeRepository = new ScopeRepository();
         $accessTokenRepository = new AccessTokenRepository();
         $authCodeRepository = new AuthCodeRepository();

diff --git a/examples/public/client_credentials.php b/examples/public/client_credentials.php
@@ -30,9 +30,9 @@
         $accessTokenRepository = new AccessTokenRepository(); // instance of AccessTokenRepositoryInterface
 
         // Path to public and private keys
-        $privateKey = 'file://path/to/private.key';
+        $privateKey = 'file://'.__DIR__.'/../private.key';
         //$privateKey = new CryptKey('file://path/to/private.key', 'passphrase'); // if private key has a pass phrase
-        $publicKey = 'file://path/to/public.key';
+        $publicKey = 'file://'.__DIR__.'/../public.key';
 
         // Setup the authorization server
         $server = new AuthorizationServer(

diff --git a/examples/src/Repositories/ClientRepository.php b/examples/src/Repositories/ClientRepository.php
@@ -17,13 +17,14 @@ class ClientRepository implements ClientRepositoryInterface
     /**
      * {@inheritdoc}
      */
-    public function getClientEntity($clientIdentifier, $clientSecret = null, $redirectUri = null, $grantType = null)
+    public function getClientEntity($clientIdentifier, $grantType, $clientSecret = null, $mustValidateSecret = true)
     {
         $clients = [
             'myawesomeapp' => [
-                'secret'       => password_hash('abc123', PASSWORD_BCRYPT),
-                'name'         => 'My Awesome App',
-                'redirect_uri' => 'http://foo/bar',
+                'secret'          => password_hash('abc123', PASSWORD_BCRYPT),
+                'name'            => 'My Awesome App',
+                'redirect_uri'    => 'http://foo/bar',
+                'is_confidential' => true,
             ],
         ];
 
@@ -32,6 +33,14 @@ public function getClientEntity($clientIdentifier, $clientSecret = null, $redire
             return;
         }
 
+        if (
+            $mustValidateSecret === true
+            && $clients[$clientIdentifier]['is_confidential'] === true
+            && password_verify($clientSecret, $clients[$clientIdentifier]['secret']) === false
+        ) {
+            return;
+        }
+
         $client = new ClientEntity();
         $client->setIdentifier($clientIdentifier);
         $client->setName($clients[$clientIdentifier]['name']);