diff --git a/workflow/engine/classes/class.pmDynaform.php b/workflow/engine/classes/class.pmDynaform.php index 201842128..781a54010 100644 --- a/workflow/engine/classes/class.pmDynaform.php +++ b/workflow/engine/classes/class.pmDynaform.php @@ -115,7 +115,9 @@ class pmDynaform $flagTrackerUser = false; if (!isset($_SESSION['USER_LOGGED'])) { - if (!preg_match("/^.*\/" . SYS_SKIN . "\/tracker\/.*$/", $_SERVER["REQUEST_URI"])) { + if (!preg_match("/^.*\/" . SYS_SKIN . "\/tracker\/.*$/", $_SERVER["REQUEST_URI"]) && + !preg_match("/^.*\/" . SYS_SKIN . "\/[a-z0-9A-Z]+\/[a-z0-9A-Z]+\.php$/", $_SERVER["REQUEST_URI"]) + ) { return; } @@ -1529,7 +1531,7 @@ class pmDynaform 'scope' => implode(' ', $oauthServer->getScope()) )); - $response = $oauthServer->postAuthorize($authorize, $userId, true); + $response = $oauthServer->postAuthorize($authorize, $userId, true, array('USER_LOGGED' => $_SESSION['USER_LOGGED'])); $code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=') + 5, 40); return $code; diff --git a/workflow/engine/src/ProcessMaker/Services/OAuth2/Server.php b/workflow/engine/src/ProcessMaker/Services/OAuth2/Server.php index b518418b2..8a2f47d45 100644 --- a/workflow/engine/src/ProcessMaker/Services/OAuth2/Server.php +++ b/workflow/engine/src/ProcessMaker/Services/OAuth2/Server.php @@ -236,10 +236,14 @@ class Server implements iAuthenticate * * @format JsonFormat,UploadFormat */ - public function postAuthorize($authorize = null, $userId = null, $returnResponse = false) + public function postAuthorize($authorize = null, $userId = null, $returnResponse = false, $cacheSessionValue = array()) { @session_start(); + foreach ($cacheSessionValue as $key => $value) { + $_SESSION[$key] = $value; + } + if (! isset($_SESSION['USER_LOGGED'])) { throw new RestException(400, "Local Authentication Error, user session is not started."); }