patch league/oauth2-server to allow the permissions check on pantheon

README.md

How to set up simple OAuth / OAuth 2.0 on Pantheon

According to the docs (https://pantheon.io/docs/modules-known-issues#simple-oauth--oauth-20), because it is not possible to change file permissions on Pantheon, even in the private directory, you can't use the Oauth module out of the box.

How to fix this

1. Create the keys and put them in your Pantheon private files directory (for example, /files/private/oauth/public.key, needs permission 770) or commit them to git outside the web root (needs permission 644).

2. Add the patch to your composer.json:

        "league/oauth2-server": {
            "Break permissions for Pantheon": "patches/oauth2-server_break-permissions-for-pantheon.patch"
        }
   

oauth2-server_break-permissions-for-pantheon.patch

diff --git a/src/CryptKey.php b/src/CryptKey.php
index e2077f70..1621cd7a 100644
--- a/src/CryptKey.php
+++ b/src/CryptKey.php
@@ -55,7 +55,8 @@ class CryptKey
         if ($keyPermissionsCheck === true) {
             // Verify the permissions of the key
             $keyPathPerms = \decoct(\fileperms($keyPath) & 0777);
-            if (\in_array($keyPathPerms, ['400', '440', '600', '640', '660'], true) === false) {
+	    // Pantheon: 770 (private files) or 644 (committed to git)
+            if (\in_array($keyPathPerms, ['400', '440', '600', '640', '644', '660', '770'], true) === false) {
                 \trigger_error(\sprintf(
                     'Key file "%s" permissions are not correct, recommend changing to 600 or 660 instead of %s',
                     $keyPath,