From 7ac897cae1f979ef61b8bd241583f9f0183cdf7c Mon Sep 17 00:00:00 2001 From: Robert Meijers Date: Mon, 12 Jun 2023 11:12:13 +0200 Subject: [PATCH] Fix order of converting user Only convert the user from Symfony to League when no response is set on the event. As conversion doesn't / shouldn't have any side effects and the AuthorizationRequest isn't stored either (when a response is set) this should be safe. This helps in those cases where no user is logged in / resolved, but one of the listeners sets a redirect. Otherwise the converter will be called with a null value and has to return a proper value (can't be null) for no obvious reason except to satisfy the interface. --- src/Controller/AuthorizationController.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Controller/AuthorizationController.php b/src/Controller/AuthorizationController.php index 7b5215e4..7d357ffb 100644 --- a/src/Controller/AuthorizationController.php +++ b/src/Controller/AuthorizationController.php @@ -101,12 +101,12 @@ public function indexAction(Request $request): Response OAuth2Events::AUTHORIZATION_REQUEST_RESOLVE ); - $authRequest->setUser($this->userConverter->toLeague($event->getUser())); - if ($response = $event->getResponse()) { return $response; } + $authRequest->setUser($this->userConverter->toLeague($event->getUser())); + $authRequest->setAuthorizationApproved($event->getAuthorizationResolution()); $response = $this->server->completeAuthorizationRequest($authRequest, $serverResponse);