add exception if supported_scopes mixes array notation and string notation

Author: jdeniau

DependencyInjection/FOSOAuthServerExtension.php

@@ -14,6 +14,7 @@
 namespace FOS\OAuthServerBundle\DependencyInjection;
 
 use FOS\OAuthServerBundle\Util\LegacyFormHelper;
+use Symfony\Component\Config\Definition\Exception\InvalidConfigurationException;
 use Symfony\Component\Config\Definition\Processor;
 use Symfony\Component\Config\FileLocator;
 use Symfony\Component\DependencyInjection\Alias;
@@ -53,7 +54,7 @@ public function load(array $configs, ContainerBuilder $container)
 
         $options = $config['service']['options'];
         if (is_array($options['supported_scopes'] ?? null)) {
-            $options['supported_scopes'] = implode(' ', $options['supported_scopes']);
+            $options['supported_scopes'] = $this->computeArraySupportedScopes($options['supported_scopes']);
         }
         $container->setParameter('fos_oauth_server.server.options', $options);
 
@@ -154,4 +155,15 @@ protected function loadAuthorize(array $config, ContainerBuilder $container, Xml
             'form' => 'fos_oauth_server.authorize.form.%s',
         ]);
     }
+
+    private function computeArraySupportedScopes(array $supportedScopes)
+    {
+        foreach ($supportedScopes as $scope) {
+            if (false !== strpos($scope, ' ')) {
+                throw new InvalidConfigurationException('The array notation for supported_scopes should not contain spaces in array items. Either use full array notation or use the string notation for supported_scopes. See https://git.io/vx1X0 for more informations.');
+            }
+        }
+
+        return implode(' ', $supportedScopes);
+    }
 }

Tests/DependencyInjection/FOSOAuthServerExtensionTest.php

@@ -14,6 +14,7 @@
 namespace FOS\OAuthServerBundle\Tests\DependencyInjection;
 
 use FOS\OAuthServerBundle\DependencyInjection\FOSOAuthServerExtension;
+use Symfony\Component\Config\Definition\Exception\InvalidConfigurationException;
 use Symfony\Component\Config\FileLocator;
 use Symfony\Component\DependencyInjection\ContainerBuilder;
 use Symfony\Component\DependencyInjection\ParameterBag\ParameterBag;
@@ -127,4 +128,28 @@ public function testArraySupportedScopes()
             ]
         );
     }
+
+    public function testArraySupportedScopesWithSpace()
+    {
+        $scopes = ['scope1 scope2', 'scope3', 'scope4'];
+
+        $config = [
+            'db_driver' => 'orm',
+            'client_class' => 'dumb_class',
+            'access_token_class' => 'dumb_access_token_class',
+            'refresh_token_class' => 'dumb_refresh_token_class',
+            'auth_code_class' => 'dumb_auth_code_class',
+            'service' => [
+                'options' => [
+                    'supported_scopes' => $scopes,
+                    'enforce_redirect' => true,
+                ],
+            ],
+        ];
+        $instance = new FOSOAuthServerExtension();
+
+        $this->expectException(InvalidConfigurationException::class);
+        $this->expectExceptionMessage('The array notation for supported_scopes should not contain spaces in array items. Either use full array notation or use the string notation for supported_scopes. See https://git.io/vx1X0 for more informations.');
+        $instance->load([$config], $this->container);
+    }
 }