projects / authserver.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
move settings sanitation to utils, move whitelist for client registration to settings
[authserver.git] / app / api.php
diff --git a/app/api.php b/app/api.php
index 4cdbe24e2416d0be92d516b197dd0425ad4abdc0..10d43edd0d1461cb9119f1b08616642e245124b5 100644 (file)
--- a/app/api.php
+++ b/app/api.php
@@ -67,7 +67,7 @@ if (!count($errors)) {
                                   'error_description' => 'The user the access token is connected to was not recognized.')));
         }
         else {
                                   'error_description' => 'The user the access token is connected to was not recognized.')));
         }
         else {
-          if (in_array($user['email'], $utils->client_reg_email_whitelist)) {
+          if (($utils->client_reg_email_whitelist === false) || (in_array($user['email'], $utils->client_reg_email_whitelist))) {
             if (strlen(@$_GET['client_id']) >= 5) {
               $result = $db->prepare('SELECT `client_id`,`user_id` FROM `oauth_clients` WHERE `client_id` = :clientid;');
               $result->execute(array(':clientid' => $_GET['client_id']));
             if (strlen(@$_GET['client_id']) >= 5) {
               $result = $db->prepare('SELECT `client_id`,`user_id` FROM `oauth_clients` WHERE `client_id` = :clientid;');
               $result->execute(array(':clientid' => $_GET['client_id']));
OAuth2-capable authorization/login server