From 3985380e1d442417647811edd57cf99c01e5c7e1 Mon Sep 17 00:00:00 2001
From: Phillip Look
Date: Fri, 7 Jun 2024 14:58:41 +0200
Subject: [PATCH 1/3] Pass user id from old refresh token to finalizeScopes()
---
 src/Grant/RefreshTokenGrant.php | 2 +-
 tests/Grant/RefreshTokenGrantTest.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/Grant/RefreshTokenGrant.php b/src/Grant/RefreshTokenGrant.php
index 34e3f20b4..13748cb93 100644
--- a/src/Grant/RefreshTokenGrant.php
+++ b/src/Grant/RefreshTokenGrant.php
@@ -69,7 +69,7 @@ public function respondToAccessTokenRequest(
 }
 }
- $scopes = $this->scopeRepository->finalizeScopes($scopes, $this->getIdentifier(), $client);
+ $scopes = $this->scopeRepository->finalizeScopes($scopes, $this->getIdentifier(), $client, $oldRefreshToken['user_id'] ?? null);
 // Expire old tokens
 $this->accessTokenRepository->revokeAccessToken($oldRefreshToken['access_token_id']);
diff --git a/tests/Grant/RefreshTokenGrantTest.php b/tests/Grant/RefreshTokenGrantTest.php
index 1fe1eadab..165f66e70 100644
--- a/tests/Grant/RefreshTokenGrantTest.php
+++ b/tests/Grant/RefreshTokenGrantTest.php
@@ -573,7 +573,7 @@ public function testRespondToRequestFinalizeScopes(): void
 $scopeRepositoryMock
 ->expects(self::once())
 ->method('finalizeScopes')
- ->with($scopes, $grant->getIdentifier(), $client)
+ ->with($scopes, $grant->getIdentifier(), $client, '123', null)
 ->willReturn($finalizedScopes);
 $accessToken = new AccessTokenEntity();
From 246782c7e948ce62af2090a8930a069f758cbeca Mon Sep 17 00:00:00 2001
From: Phillip Look
Date: Fri, 14 Feb 2025 09:33:12 +0100
Subject: [PATCH 2/3] Ensure userId is a string
Co-authored-by: Hafez Divandari
---
 src/Grant/RefreshTokenGrant.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/Grant/RefreshTokenGrant.php b/src/Grant/RefreshTokenGrant.php
index 13748cb93..35d9f436c 100644
--- a/src/Grant/RefreshTokenGrant.php
+++ b/src/Grant/RefreshTokenGrant.php
@@ -69,7 +69,12 @@ public function respondToAccessTokenRequest(
 }
 }
- $scopes = $this->scopeRepository->finalizeScopes($scopes, $this->getIdentifier(), $client, $oldRefreshToken['user_id'] ?? null);
+ $userId = $oldRefreshToken['user_id'];
+ if (is_int($userId)) {
+ $userId = (string) $userId;
+ }
+
+ $scopes = $this->scopeRepository->finalizeScopes($scopes, $this->getIdentifier(), $client, $userId);
 // Expire old tokens
 $this->accessTokenRepository->revokeAccessToken($oldRefreshToken['access_token_id']);
From 163834bd6d4396c66487cc7168cda5233eaa61a4 Mon Sep 17 00:00:00 2001
From: Phillip Look
Date: Fri, 14 Feb 2025 17:33:07 +0100
Subject: [PATCH 3/3] Remove redundant code
---
 src/Grant/RefreshTokenGrant.php | 4 ----
 1 file changed, 4 deletions(-)
diff --git a/src/Grant/RefreshTokenGrant.php b/src/Grant/RefreshTokenGrant.php
index 35d9f436c..91402748f 100644
--- a/src/Grant/RefreshTokenGrant.php
+++ b/src/Grant/RefreshTokenGrant.php
@@ -83,10 +83,6 @@ public function respondToAccessTokenRequest(
 }
 // Issue and persist new access token
- $userId = $oldRefreshToken['user_id'];
- if (is_int($userId)) {
- $userId = (string) $userId;
- }
 $accessToken = $this->issueAccessToken($accessTokenTTL, $client, $userId, $scopes);
 $this->getEmitter()->emit(new RequestAccessTokenEvent(RequestEvent::ACCESS_TOKEN_ISSUED, $request, $accessToken));
 $responseType->setAccessToken($accessToken);
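Review bot: In the PATCH 2/3 hunk of src/Grant/RefreshTokenGrant.php, `$userId = $oldRefreshToken['user_id'];` drops the `?? null` fallback that PATCH 1/3 had and normalises only an int, so a payload with no `user_id` key, or with a value that is neither int nor string, reaches `finalizeScopes()` and later `issueAccessToken()` as-is. This value now feeds the decision about which scopes the refreshed token carries, so the read should be explicit about the missing case, either `$userId = $oldRefreshToken['user_id'] ?? null;` or a rejection of the request, depending on what the grant intends. Whether the key is guaranteed depends on the refresh-token validation, which is outside this hunk, as is the rest of respondToAccessTokenRequest. A short comment above the assignment, for example `// One user id for both scope finalisation and the new access token`, would record why the block moved up. The test hunk in PATCH 1/3 pins only the string `'123'`, so a case with an integer `user_id` would cover the cast.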