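/**
 * Validate an authorization_code grant request (RFC 6749 section 4.1.3).
 *
 * Requires a POSTed "code" that resolves to a stored authorization code,
 * checks the supplied redirect_uri against the one bound to that code when
 * one was bound, and rejects codes that carry no expiry or are past it.
 * On success the resolved code is kept in $this->_authCode for the grant step.
 *
 * @param \Flywheel\Http\WebRequest $request
 * @param \Flywheel\Http\WebResponse $response not read here; kept for the grant-type interface
 * @throws OAuth2Exception with INVALID_REQUEST, REDIRECT_URI_MISMATCH,
 *                         MISSING_EXPIRED_TIME or EXPIRED_AUTHORIZE_CODE
 * @return bool always true; every failure is reported by throwing
 */
public function validateRequest(WebRequest $request, WebResponse $response)
{
    // Read the code from the same source (POST) that is validated, instead of
    // re-reading it via request(), which may consult other parameter sources.
    $code = $request->post('code');
    if (!$code) {
        throw new OAuth2Exception(OAuth2Exception::INVALID_REQUEST);
    }

    $authCode = $this->_dataStore->getAuthorizationCode($code);
    if (!$authCode) {
        throw new OAuth2Exception(OAuth2Exception::INVALID_REQUEST);
    }

    /*
     * 4.1.3 - the "redirect_uri" parameter is required, and must match, if it
     * was included in the initial authorization request
     * @uri - http://tools.ietf.org/html/rfc6749#section-4.1.3
     */
    $redirect_uri = $authCode->getRedirectUri();
    if (!empty($redirect_uri)) {
        $param = $this->_config->get(BaseServerConfig::REDIRECT_URI_PARAM, 'redirect_uri');
        $requested_uri = $request->post($param);
        // Fall back to the query string only when the POST body did not carry
        // the parameter. (The previous version tested $redirect_uri here and
        // discarded the get() result, so the fallback never took effect.)
        if (empty($requested_uri)) {
            $requested_uri = $request->get($param);
        }
        // Strict comparison: a loose != applies PHP's numeric-string rules.
        // The cast also keeps urldecode() from seeing null when the parameter is absent.
        if (urldecode((string) $requested_uri) !== (string) $redirect_uri) {
            throw new OAuth2Exception(OAuth2Exception::REDIRECT_URI_MISMATCH);
        }
    }

    // A code without an expiry is treated as a data-store error, not as "never expires".
    $expired = $authCode->getExpiredDate();
    if (!$expired instanceof \DateTime) {
        throw new OAuth2Exception(OAuth2Exception::MISSING_EXPIRED_TIME);
    }
    if ($expired->getTimestamp() < time()) {
        throw new OAuth2Exception(OAuth2Exception::EXPIRED_AUTHORIZE_CODE);
    }

    $this->_authCode = $authCode;

    return true;
}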