/**
  * Looks for an already present access_token
  *
  * @param ServerRequestEvent $event
  */
 public function onAuthorizationResponse(ServerRequestEvent $event)
 {
     $arguments = $event->getServerRequest()->getQueryParams();
     if (isset($arguments['access_token'])) {
         die("TODO: IMPLICIT");
     }
 }
 /**
  * Looks for the code parameter and stores it in the token storage if present
  *
  * @param ServerRequestEvent $event
  */
 public function onAuthorizationResponse(ServerRequestEvent $event)
 {
     $arguments = $event->getServerRequest()->getQueryParams();
     if (!isset($arguments['code'])) {
         return;
     }
     $expiresIn = 60;
     $token = $this->tokenManager->createToken("authorization_code");
     $token->setToken($arguments['code']);
     $token->setExpiresIn($expiresIn);
     $this->tokenManager->persistToken($token);
 }
 /**
  * Validates the CSRF token
  *
  * @param ServerRequestEvent $event
  *
  * @throws CsrfException
  */
 public function onAuthorizationResponse(ServerRequestEvent $event)
 {
     $arguments = $event->getServerRequest()->getQueryParams();
     if (!isset($arguments['state'])) {
         throw new CsrfException();
     }
     $stateToken = $this->tokenManager->findToken("state");
     if ($stateToken === null) {
         throw new CsrfException();
     }
     $state = $stateToken->getToken();
     if ($state !== $arguments['state']) {
         throw new CsrfException();
     }
     $this->tokenManager->removeToken($stateToken);
 }