4 files changed, 29 insertions, 7 deletions

diff --git a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Request.php b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Request.php
index c96cb972f..f547bf6e8 100644
--- a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Request.php
+++ b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Request.php
@@ -64,7 +64,12 @@ class Request implements RequestInterface
         $this->files = $files;
         $this->server = $server;
         $this->content = $content;
-        $this->headers = is_null($headers) ? $this->getHeadersFromServer($this->server) : $headers;
+
+        if ($headers === null) {
+            $headers = array();
+        }
+
+        $this->headers = $headers + $this->getHeadersFromServer($this->server);
     }
 
     /**
diff --git a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Response.php b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Response.php
index ccd797ae7..88c1ad5f7 100644
--- a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Response.php
+++ b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Response.php
@@ -366,7 +366,7 @@ class Response implements ResponseInterface
         if (count($this->parameters) > 0) {
             // add parameters to URL redirection
             $parts = parse_url($url);
-            $sep = isset($parts['query']) && count($parts['query']) > 0 ? '&' : '?';
+            $sep = isset($parts['query']) && !empty($parts['query']) ? '&' : '?';
             $url .= $sep . http_build_query($this->parameters);
         }
 
diff --git a/vendor/bshaffer/oauth2-server-php/src/OAuth2/ResponseType/JwtAccessToken.php b/vendor/bshaffer/oauth2-server-php/src/OAuth2/ResponseType/JwtAccessToken.php
index 0af9705ff..0ee3708aa 100644
--- a/vendor/bshaffer/oauth2-server-php/src/OAuth2/ResponseType/JwtAccessToken.php
+++ b/vendor/bshaffer/oauth2-server-php/src/OAuth2/ResponseType/JwtAccessToken.php
@@ -128,7 +128,7 @@ class JwtAccessToken extends AccessToken
         $expires = time() + $this->config['access_lifetime'];
         $id = $this->generateAccessToken();
 
-        return array(
+        $payload = array(
             'id'         => $id, // for BC (see #591)
             'jti'        => $id,
             'iss'        => $this->config['issuer'],
@@ -139,5 +139,21 @@ class JwtAccessToken extends AccessToken
             'token_type' => $this->config['token_type'],
             'scope'      => $scope
         );
+        
+        if (isset($this->config['jwt_extra_payload_callable'])) {
+            if (!is_callable($this->config['jwt_extra_payload_callable'])) {
+                throw new \InvalidArgumentException('jwt_extra_payload_callable is not callable');
+            }
+            
+            $extra = call_user_func($this->config['jwt_extra_payload_callable'], $client_id, $user_id, $scope);
+            
+            if (!is_array($extra)) {
+                throw new \InvalidArgumentException('jwt_extra_payload_callable must return array');
+            }
+            
+            $payload = array_merge($extra, $payload);
+        }
+        
+        return $payload;
     }
 }
diff --git a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Server.php b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Server.php
index 62ae8970d..cf040c2bc 100644
--- a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Server.php
+++ b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Server.php
@@ -88,12 +88,12 @@ class Server implements ResourceControllerInterface,
     /**
      * @var array
      */
-    protected $grantTypes = [];
+    protected $grantTypes = array();
 
     /**
      * @var array
      */
-    protected $responseTypes = [];
+    protected $responseTypes = array();
 
     /**
      * @var TokenTypeInterface
@@ -161,6 +161,7 @@ class Server implements ResourceControllerInterface,
         // merge all config values.  These get passed to our controller objects
         $this->config = array_merge(array(
             'use_jwt_access_tokens'        => false,
+            'jwt_extra_payload_callable' => null,
             'store_encrypted_token_string' => true,
             'use_openid_connect'       => false,
             'id_lifetime'              => 3600,
@@ -840,7 +841,7 @@ class Server implements ResourceControllerInterface,
             $refreshStorage = $this->storages['refresh_token'];
         }
 
-        $config = array_intersect_key($this->config, array_flip(explode(' ', 'store_encrypted_token_string issuer access_lifetime refresh_token_lifetime')));
+        $config = array_intersect_key($this->config, array_flip(explode(' ', 'store_encrypted_token_string issuer access_lifetime refresh_token_lifetime jwt_extra_payload_callable')));
 
         return new JwtAccessToken($this->storages['public_key'], $tokenStorage, $refreshStorage, $config);
     }
@@ -1015,4 +1016,4 @@ class Server implements ResourceControllerInterface,
     {
         return isset($this->config[$name]) ? $this->config[$name] : $default;
     }
-}
\ No newline at end of file
+}