Pass user identifier through to finalize scopes in personal access grant (#1650)

GrahamCampbell · web-flow · commit 5417fe870a1a · 2023-04-04T09:06:53.000-05:00
diff --git a/src/Bridge/PersonalAccessGrant.php b/src/Bridge/PersonalAccessGrant.php
@@ -20,14 +20,22 @@ public function respondToAccessTokenRequest(
         // Validate request
         $client = $this->validateClient($request);
         $scopes = $this->validateScopes($this->getRequestParameter('scope', $request));
+        $userIdentifier = $this->getRequestParameter('user_id', $request);
 
         // Finalize the requested scopes
-        $scopes = $this->scopeRepository->finalizeScopes($scopes, $this->getIdentifier(), $client);
+        $scopes = $this->scopeRepository->finalizeScopes(
+            $scopes,
+            $this->getIdentifier(),
+            $client,
+            $userIdentifier
+        );
 
         // Issue and persist access token
         $accessToken = $this->issueAccessToken(
-            $accessTokenTTL, $client,
-            $this->getRequestParameter('user_id', $request), $scopes
+            $accessTokenTTL,
+            $client,
+            $userIdentifier,
+            $scopes
         );
 
         // Inject access token into response type
