You are here

Home » API reference » OpenID Connect / OAuth client 8 » OpenIDConnectStateToken.php » OpenIDConnectStateToken

public static function OpenIDConnectStateToken::create in OpenID Connect / OAuth client 8

Same name and namespace in other branches
  1. 2.x src/OpenIDConnectStateToken.php \Drupal\openid_connect\OpenIDConnectStateToken::create()

Creates a state token and stores it in the session for later validation.

Return value

string A state token that later can be validated to prevent request forgery.

Overrides OpenIDConnectStateTokenInterface::create

Deprecated

in openid_connect:8.x-1.0-rc2 and is removed from openid_connect:8.x-2.0. Instead of the static OpenIDConnectStateToken::create, use the non-static \Drupal::service('openid_connect.state_token')->create() instead.

See also

https://www.drupal.org/project/openid_connect/issues/3055847

File

src/OpenIDConnectStateToken.php, line 17

Class

OpenIDConnectStateToken
Creates and validates state tokens.

Namespace

Drupal\openid_connect

Code

public static function create() {
  $state = Crypt::randomBytesBase64();
  $_SESSION['openid_connect_state'] = $state;
  return $state;
}