Allow return NULL value in getRedirectUri() call

Created on 13 February 2024, 9 months ago
Updated 4 June 2024, 5 months ago

Problem/Motivation

In the client_credentials grant type the redirect_uri is not needed. I have a case where I have defined(simple_oauth contrib module) a consumer without redirect_uri, so I would like to return NULL in my own Oauth2 Client plugin.

Steps to reproduce

Create a Oauth2 Client plugin with client_credentials grant type and try to get the access token from a consumer without redirect_uri.

Proposed resolution

Allow to return NULL in getRedirectUri()

πŸ› Bug report
Status

Closed: works as designed

Version

4.1

Component

Code

Created by

πŸ‡ͺπŸ‡ΈSpain nachosalvador Elx

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Merge Requests

Comments & Activities

  • Issue created by @nachosalvador
  • Open in Jenkins β†’ Open on Drupal.org β†’
    Core: 10.2.1 + Environment: PHP 8.2 & MySQL 8
    last update 9 months ago
    12 pass
  • Status changed to Needs review 9 months ago
  • Pipeline finished with Success
    9 months ago
    Total: 176s
    #93705
  • Status changed to Closed: works as designed 9 months ago
  • πŸ‡ΊπŸ‡ΈUnited States fathershawn New York

    Thank you for you suggestion, especially with code! I'm not going to make this change for a couple of reasons.

    This change introduces a union type, reducing the type safety of the method for all implementations. Further, it changes an interface to do this which really should only be done at a major version change as it changes the API of the module. If I had it to do again, I'd also remove the null union type from `Oauth2ClientPluginInterface::getScopes` but that too is for the next a major version change if there ever needs to be one.

    In the module code, the only place we call `Oauth2ClientPluginInterface::getRedirectUri()` is in `Oauth2ClientPluginBase::getProvider`. It is an intentional choice to put the assembly of the provider in the implementation space of the plugin. This is why this method returns the most general AbstractProvider as its return type.

    If you are building your client off our our base, you can override this method, and not include `redirectUri` as one of the options.

Production build 0.71.5 2024