You are here

Home » API reference » Auth0 Single Sign On 8 » AuthController.php » AuthController

protected function AuthController::getNonce in Auth0 Single Sign On 8

Same name and namespace in other branches
  1. 8.2 src/Controller/AuthController.php \Drupal\auth0\Controller\AuthController::getNonce()

Create a new nonce in session and return it

2 calls to AuthController::getNonce()
AuthController::buildAuthorizeUrl in src/Controller/AuthController.php
Build the Authorize url
AuthController::login in src/Controller/AuthController.php
Handles the login page override.

File

src/Controller/AuthController.php, line 127

Class

AuthController
Controller routines for auth0 authentication.

Namespace

Drupal\auth0\Controller

Code

protected function getNonce() {

  // Have to start the session after putting something into the session, or we don't actually start it!
  if (!$this->sessionManager
    ->isStarted() && !isset($_SESSION['auth0_is_session_started'])) {
    $_SESSION['auth0_is_session_started'] = 'yes';
    $this->sessionManager
      ->start();
  }
  $factory = new Factory();
  $generator = $factory
    ->getMediumStrengthGenerator();
  $nonces = $this->tempStore
    ->get(AuthController::NONCE);
  if (!is_array($nonces)) {
    $nonces = array();
  }
  $nonce = base64_encode($generator
    ->generate(32));
  $newNonceArray = array_merge($nonces, [
    $nonce,
  ]);
  $this->tempStore
    ->set(AuthController::NONCE, $newNonceArray);
  return $nonce;
}