mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-01-17 05:28:30 +01:00
Code Issues Projects Releases Wiki Activity

MDL-71119 core_badges: Initialise scopes param in backpack-connect.php

Browse Source 
The scopes parameter should be passed when creating the OAuth2 badges
client. As it is an optional parameter, when it's empty, it will
be initilised with the supported scopes for the backpack issuer.

It will happen, for instance, when a call is done to oauth2callback.php
because, as defined in RFC6749, OAuth2 authorization response only
supports code and state.
This commit is contained in:
Sara Arjona 2021-03-16 12:32:20 +01:00
parent 511a87f5fc
commit c974a59f41
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
badges/backpack-connect.php
View File

@ -43,6 +43,10 @@ if ($persistedissuer) {
$returnurl = new moodle_url('/badges/backpack-connect.php', $returnurl = new moodle_url('/badges/backpack-connect.php',
['action' => 'authorization', 'sesskey' => sesskey(), 'backpackid' => $backpackid]); ['action' => 'authorization', 'sesskey' => sesskey(), 'backpackid' => $backpackid]);
// If scope is not passed as parameter, use the issuer supported scopes.
if (empty($scope)) {
$scope = $issuer->get('scopessupported');
}
$client = new core_badges\oauth2\client($issuer, $returnurl, $scope, $externalbackpack); $client = new core_badges\oauth2\client($issuer, $returnurl, $scope, $externalbackpack);
if ($client) { if ($client) {
if (!$client->is_logged_in()) { if (!$client->is_logged_in()) {