authorize on provider API only

codemasher · codemasher · commit a13ea26e2c22 · 2019-03-01T19:44:44.000+01:00
diff --git a/src/Core/OAuthProvider.php b/src/Core/OAuthProvider.php
@@ -315,18 +315,22 @@ public function request(string $path, array $params = null, string $method = nul
 	 * @return \Psr\Http\Message\ResponseInterface
 	 */
 	public function sendRequest(RequestInterface $request):ResponseInterface{
-		$token = $this->storage->getAccessToken($this->serviceName);
 
-		// attempt to refresh an expired token
-		if($this instanceof TokenRefresh && $this->options->tokenAutoRefresh && ($token->isExpired() || $token->expires === $token::EOL_UNKNOWN)){
-			$token = $this->refreshAccessToken($token);
-		}
+		// get authorization only if we request the provider API
+		if($request->getUri()->getHost() === parse_url($this->apiURL, PHP_URL_HOST)){
+			$token = $this->storage->getAccessToken($this->serviceName);
 
-		foreach(array_merge($this->apiHeaders, $headers ?? []) as $header => $value){
-			$request = $request->withAddedHeader($header, $value);
-		}
+			// attempt to refresh an expired token
+			if($this instanceof TokenRefresh && $this->options->tokenAutoRefresh && ($token->isExpired() || $token->expires === $token::EOL_UNKNOWN)){
+				$token = $this->refreshAccessToken($token);
+			}
 
-		$request = $this->getRequestAuthorization($request, $token);
+			foreach(array_merge($this->apiHeaders, $headers ?? []) as $header => $value){
+				$request = $request->withAddedHeader($header, $value);
+			}
+
+			$request = $this->getRequestAuthorization($request, $token);
+		}
 
 		return $this->http->sendRequest($request);
 	}
