🎯 Add OAuth2 Backward Compatibility While Keeping Cat Theming

- Return standard 'Bearer' token_type for OAuth2 compliance - Add TigerStyle extensions: tigerstyle_token_type='ScentBearer' - Support BOTH Bearer AND ScentBearer headers (dual compatibility!) - Add scent_strength metadata for cat-themed clients - Update README with dual authentication examples - Maintain full OAuth2 spec compliance while keeping tiger awesomeness 🐯 Best of both worlds - standards compliance + cat magic!
2025-09-16 21:55:10 -06:00 · 2025-09-16 21:55:10 -06:00 · c6553a91c6
commit c6553a91c6
parent 2351925591
2 changed files with 17 additions and 6 deletions
--- a/README.md
+++ b/README.md
@ -119,9 +119,13 @@ Transform your WordPress site into a complete OAuth2 provider:
 ### Using Scent Tokens

 ```bash
-# Access protected WordPress REST API
+# TigerStyle way (cat-themed) 🐯
 curl -H "Authorization: ScentBearer YOUR_SCENT_TOKEN" \
     "https://yoursite.com/wp-json/wp/v2/users/me"
+
+# Standard OAuth2 way (still works!) ✅  
+curl -H "Authorization: Bearer YOUR_SCENT_TOKEN" \
+     "https://yoursite.com/wp-json/wp/v2/users/me"
 ```

 ---
@ -149,13 +153,17 @@ curl -H "Authorization: ScentBearer YOUR_SCENT_TOKEN" \
 ```json
 {
  "access_token": "scent_abc123...",
-  "token_type": "ScentBearer",
+  "token_type": "Bearer",
  "expires_in": 3600,
  "refresh_token": "refresh_xyz789...",
-  "scope": "basic profile"
+  "scope": "basic profile",
+  "tigerstyle_token_type": "ScentBearer",
+  "scent_strength": "strong"
 }
 ```

+**🎯 Backward Compatibility**: Returns standard OAuth2 `Bearer` token type for compatibility, but includes TigerStyle extensions. Both `Bearer` and `ScentBearer` headers work!
+
 ---

 ## 🔧 Configuration
@ -267,7 +275,7 @@ add_action('tigerstyle_scent_auth_failed', function($token) {

 **❌ "Invalid scent token"**  
 - Token may have expired (default: 1 hour)
- Check token format: `ScentBearer TOKEN_HERE`
+- Try both formats: `Bearer TOKEN_HERE` or `ScentBearer TOKEN_HERE`
 - Verify database connection

 **🔄 "Territory code expired"**
--- a/includes/modules/class-scent-server.php
+++ b/includes/modules/class-scent-server.php
@ -473,10 +473,13 @@ class TigerStyleScent_ScentServer {
    private function send_scent_token_response(string $scent_token, string $refresh_scent, string $scope): void {
        $response = [
            'access_token' => $scent_token,
-            'token_type' => 'ScentBearer',  // Cat-themed token type!
+            'token_type' => 'Bearer',  // OAuth2 compliant, but we detect ScentBearer too!
            'expires_in' => 3600,
            'refresh_token' => $refresh_scent,
-            'scope' => $scope
+            'scope' => $scope,
+            // TigerStyle extension - clients can use either Bearer or ScentBearer
+            'tigerstyle_token_type' => 'ScentBearer',
+            'scent_strength' => 'strong' // Cat-themed metadata
        ];
        
        header('Content-Type: application/json');