Problem
Several OAuthServerException constructions pass the error code 'invalid _request' (stray space) instead of the spec value 'invalid_request'. This value is echoed in the JSON error response's error field, so clients receive a non-standard OAuth error code.
Occurrences in src/RestControllers/AuthorizationController.php (master):
- L496 —
Invalid registration token (RFC 7592 management endpoint)
- L1458 —
Id token missing from request
- L1484 —
Id token not issued from this server
Example response today:
{"error":"invalid _request","error_description":"Invalid registration token"}Fix
Replace 'invalid _request' with 'invalid_request' at each site.
Problem
Several
OAuthServerExceptionconstructions pass the error code'invalid _request'(stray space) instead of the spec value'invalid_request'. This value is echoed in the JSON error response'serrorfield, so clients receive a non-standard OAuth error code.Occurrences in
src/RestControllers/AuthorizationController.php(master):Invalid registration token(RFC 7592 management endpoint)Id token missing from requestId token not issued from this serverExample response today:
{"error":"invalid _request","error_description":"Invalid registration token"}Fix
Replace
'invalid _request'with'invalid_request'at each site.