public function OauthResponse::code in OAuth2 Client 8.3
Route response method for validating and capturing a returned code.
Throws
\Drupal\Core\TempStore\TempStoreException
\Drupal\oauth2_client\Exception\InvalidOauth2ClientException
1 string reference to 'OauthResponse::code'
File
- src/
Controller/ OauthResponse.php, line 70
Class
- OauthResponse
- Controller to process an authorization code request.
Namespace
Drupal\oauth2_client\ControllerCode
public function code() {
$pluginId = $this->routeMatch
->getParameter('plugin');
$code = $this->currentRequest->query
->get('code');
if (empty($code)) {
throw new \UnexpectedValueException("The code query parameter is missing.");
}
$state = $this->currentRequest->query
->get('state');
if (empty($state)) {
throw new \UnexpectedValueException("The state query parameter is missing.");
}
$storedState = $this->tempstore
->get('oauth2_client_state-' . $pluginId);
if ($state === $storedState) {
$this->grantService
->requestAccessToken($pluginId, $code);
}
else {
// Potential CSRF attack. Bail out.
$this->tempstore
->delete('oauth2_client_state-' . $pluginId);
}
return $this->grantService
->getPostCaptureRedirect($pluginId);
}