Skip to content
This repository has been archived by the owner on Jan 21, 2020. It is now read-only.

Tables DDL doesnt match original #142

Open
autowp opened this issue Jun 21, 2016 · 2 comments
Open

Tables DDL doesnt match original #142

autowp opened this issue Jun 21, 2016 · 2 comments

Comments

@autowp
Copy link

autowp commented Jun 21, 2016

https://github.com/zfcampus/zf-oauth2/blob/master/data/db_oauth2.sql
https://github.com/zfcampus/zf-oauth2/blob/master/data/db_oauth2_postgresql.sql

Both of scripts contain extra columns client_id & type in table oauth_scopes. And primary key is missing.

Original DLL looks like this: https://github.com/bshaffer/oauth2-server-php/blob/develop/src/OAuth2/Storage/Pdo.php#L519
@jguittard
Copy link
Contributor

As for the missing PK:
As defined in RFC 6749#3.3, a scope is a space delimited list of values, whose order doesn't matter.
You can also see that at this line, the scope "reference" is a 4000 string... IMHO, there's no point of making that column a primary key. Maybe adding an UNIQUE constraint if you care about unicity. Also, in general, there's not that amount of scopes to leverage INDEX SQL features.
As for other fields:
Again, RFC does not precise the scope of the scopes :) It's up to the resource owner to define the business implementation of the scopes. So extra columns with no constraints does not interfere with OAuth2 authorization workflow.

@weierophinney weierophinney mentioned this issue Dec 31, 2019
Open
@weierophinney
Copy link
Member

This repository has been closed and moved to laminas-api-tools/api-tools-oauth2; a new issue has been opened at laminas-api-tools/api-tools-oauth2#11.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@weierophinney @autowp @jguittard