Merge pull request #256 from bmaximilian/#255/add-parameters-for-cred…

…entials-revoker #255: Set revoked as parameter
trikoder · Dec 27, 2020 · 37571a1 · 37571a1
2 parents ca80f0b + 9614e74
commit 37571a1
Showing 1 changed file with 12 additions and 6 deletions.
diff --git a/Service/CredentialsRevoker/DoctrineCredentialsRevoker.php b/Service/CredentialsRevoker/DoctrineCredentialsRevoker.php
@@ -30,7 +30,8 @@ public function revokeCredentialsForUser(UserInterface $user): void
 
         $this->entityManager->createQueryBuilder()
             ->update(AccessToken::class, 'at')
-            ->set('at.revoked', true)
+            ->set('at.revoked', ':revoked')
+            ->setParameter('revoked', true)
             ->where('at.userIdentifier = :userIdentifier')
             ->setParameter('userIdentifier', $userIdentifier)
             ->getQuery()
@@ -39,7 +40,8 @@ public function revokeCredentialsForUser(UserInterface $user): void
         $queryBuilder = $this->entityManager->createQueryBuilder();
         $queryBuilder
             ->update(RefreshToken::class, 'rt')
-            ->set('rt.revoked', true)
+            ->set('rt.revoked', ':revoked')
+            ->setParameter('revoked', true)
             ->where($queryBuilder->expr()->in(
                 'rt.accessToken',
                 $this->entityManager->createQueryBuilder()
@@ -54,7 +56,8 @@ public function revokeCredentialsForUser(UserInterface $user): void
 
         $this->entityManager->createQueryBuilder()
             ->update(AuthorizationCode::class, 'ac')
-            ->set('ac.revoked', true)
+            ->set('ac.revoked', ':revoked')
+            ->setParameter('revoked', true)
             ->where('ac.userIdentifier = :userIdentifier')
             ->setParameter('userIdentifier', $userIdentifier)
             ->getQuery()
@@ -69,15 +72,17 @@ public function revokeCredentialsForClient(Client $client): void
 
         $this->entityManager->createQueryBuilder()
             ->update(AccessToken::class, 'at')
-            ->set('at.revoked', true)
+            ->set('at.revoked', ':revoked')
+            ->setParameter('revoked', true)
             ->where('at.client = :client')
             ->setParameter('client', $doctrineClient)
             ->getQuery()
             ->execute();
 
         $queryBuilder = $this->entityManager->createQueryBuilder();
         $queryBuilder->update(RefreshToken::class, 'rt')
-            ->set('rt.revoked', true)
+            ->set('rt.revoked', ':revoked')
+            ->setParameter('revoked', true)
             ->where($queryBuilder->expr()->in(
                 'rt.accessToken',
                 $this->entityManager->createQueryBuilder()
@@ -92,7 +97,8 @@ public function revokeCredentialsForClient(Client $client): void
 
         $this->entityManager->createQueryBuilder()
             ->update(AuthorizationCode::class, 'ac')
-            ->set('ac.revoked', true)
+            ->set('ac.revoked', ':revoked')
+            ->setParameter('revoked', true)
             ->where('ac.client = :client')
             ->setParameter('client', $doctrineClient)
             ->getQuery()