/**
* {@inheritdoc}
*/
protected function calculateSessionState(ServerRequestInterface $request, AuthorizationInterface $authorization, $browser_state)
{
$origin = $this->getOriginUri($authorization->getRedirectUri());
$salt = Base64Url::encode(random_bytes(16));
$hash = hash('sha256', sprintf('%s%s%s%s', $authorization->getClient()->getPublicId(), $origin, $browser_state, $salt));
return sprintf('%s.%s', $hash, $salt);
}
/**
* @param \OAuth2\Endpoint\Authorization\AuthorizationInterface $authorization
* @param \Psr\Http\Message\ResponseInterface $response
* @param string $error
* @param string|null $error_description
*/
private function createRedirectionException(AuthorizationInterface $authorization, ResponseInterface &$response, $error, $error_description = null)
{
$params = ['response_mode' => $authorization->getResponseMode(), 'redirect_uri' => $authorization->getRedirectUri()];
if (true === $authorization->hasQueryParam('state')) {
$params['state'] = $authorization->getQueryParam('state');
}
$exception = $this->getExceptionManager()->getRedirectException($error, $error_description, $params);
$exception->getHttpResponse($response);
}
/**
* {@inheritdoc}
*/
public function prepareAuthorization(AuthorizationInterface $authorization)
{
$token_type = $this->getTokenTypeFromRequest($authorization->getQueryParams());
$token = $this->getAccessTokenManager()->createAccessToken($authorization->getClient(), $authorization->getUserAccount(), $token_type->getTokenTypeInformation(), $authorization->getQueryParams(), $authorization->getScopes(), null, null, ['redirect_uri' => $authorization->getRedirectUri()]);
$authorization->setData('access_token', $token);
return $token->toArray();
}
