You are here

Home » API reference » OpenID Connect / OAuth client 2.x » OpenIDConnectStateToken.php

class OpenIDConnectStateToken in OpenID Connect / OAuth client 2.x

Same name and namespace in other branches
  1. 8 src/OpenIDConnectStateToken.php \Drupal\openid_connect\OpenIDConnectStateToken

Creates and validates state tokens.

@package Drupal\openid_connect

Hierarchy

Expanded class hierarchy of OpenIDConnectStateToken

1 file declares its use of OpenIDConnectStateToken
OpenIDConnectStateTokenTest.php in tests/src/Unit/OpenIDConnectStateTokenTest.php
1 string reference to 'OpenIDConnectStateToken'
openid_connect.services.yml in ./openid_connect.services.yml
openid_connect.services.yml
1 service uses OpenIDConnectStateToken
openid_connect.state_token in ./openid_connect.services.yml
Drupal\openid_connect\OpenIDConnectStateToken

File

src/OpenIDConnectStateToken.php, line 14

Namespace

Drupal\openid_connect
View source 
class OpenIDConnectStateToken implements OpenIDConnectStateTokenInterface, ContainerInjectionInterface {

  /**
   * The OpenID Connect session service.
   *
   * @var \Drupal\openid_connect\OpenIDConnectSessionInterface
   */
  protected $session;

  /**
   * Construct an instance of the OpenID Connect state token service.
   *
   * @param \Drupal\openid_connect\OpenIDConnectSessionInterface $session
   *   The OpenID Connect session service.
   */
  public function __construct(OpenIDConnectSessionInterface $session) {
    $this->session = $session;
  }

  /**
   * {@inheritdoc}
   */
  public static function create(ContainerInterface $container) : OpenIDConnectStateToken {
    return new static($container
      ->get('openid_connect.session'));
  }

  /**
   * {@inheritdoc}
   */
  public function generateToken() : string {
    $state = Crypt::randomBytesBase64();
    $this->session
      ->saveStateToken($state);
    return $state;
  }

  /**
   * {@inheritdoc}
   */
  public function confirm(string $state_token) : bool {
    $state = $this->session
      ->retrieveStateToken(FALSE);
    return !empty($state) && $state_token == $state;
  }

}

Members

Namesort descending Modifiers Type Description Overrides
OpenIDConnectStateToken::$session protected property The OpenID Connect session service.
OpenIDConnectStateToken::confirm public function Confirms anti-forgery state token. Overrides OpenIDConnectStateTokenInterface::confirm
OpenIDConnectStateToken::create public static function Instantiates a new instance of this class. Overrides ContainerInjectionInterface::create
OpenIDConnectStateToken::generateToken public function Creates a state token and stores it in the session for later validation. Overrides OpenIDConnectStateTokenInterface::generateToken
OpenIDConnectStateToken::__construct public function Construct an instance of the OpenID Connect state token service.