public function Auth0::exchange in Auth0 Single Sign On 8.2

Exchange authorization code for access, ID, and refresh tokens

Return value

boolean

Throws

CoreException If the state value is missing or invalid.

CoreException If there is already an active session.

ApiException If access token is missing from the response.

RequestException If HTTP request fails (e.g. access token does not have userinfo scope).

File

vendor/auth0/auth0-php/src/Auth0.php, line 549

Class

Auth0: Class Auth0 Provides access to Auth0 authentication functionality.

Namespace

Auth0\SDK

Code

public function exchange() {
  $code = $this
    ->getAuthorizationCode();
  if (!$code) {
    return false;
  }
  $state = $this
    ->getState();
  if (!$this->stateHandler
    ->validate($state)) {
    throw new CoreException('Invalid state');
  }
  if ($this->user) {
    throw new CoreException('Can\'t initialize a new session while there is one active session already');
  }
  $response = $this->authentication
    ->code_exchange($code, $this->redirectUri);
  if (empty($response['access_token'])) {
    throw new ApiException('Invalid access_token - Retry login.');
  }
  $this
    ->setAccessToken($response['access_token']);
  if (isset($response['refresh_token'])) {
    $this
      ->setRefreshToken($response['refresh_token']);
  }
  if (!empty($response['id_token'])) {
    $this
      ->setIdToken($response['id_token']);
  }
  if ($this->skipUserinfo) {
    $user = $this->idTokenDecoded;
  }
  else {
    $user = $this->authentication
      ->userinfo($this->accessToken);
  }
  if ($user) {
    $this
      ->setUser($user);
  }
  return true;
}

You are here