/**
 * Resolve the redirect URI to use for an authorization request.
 *
 * The URI supplied with the request wins when present; otherwise the first
 * URI registered for the client is used. A supplied URI is compared against
 * the client's registered URIs only when the client has at least one.
 *
 * NOTE(review): when the client has no registered URIs, the supplied
 * "redirect_uri" is returned without any allow-list comparison in this
 * method. Whether that is acceptable depends on checkRedirectUriIfRequired(),
 * which is not visible here; confirm it rejects clients that must register
 * a redirect URI (RFC 6749 section 3.1.2.2: public clients and confidential
 * clients using the implicit grant).
 *
 * @param \OAuth2\Endpoint\Authorization $authorization The authorization request being processed
 *
 * @throws \OAuth2\Exception\BaseExceptionInterface If no redirect URI is supplied or registered,
 *                                                  or if the supplied one is not allowed
 *
 * @return string
 */
protected function checkRedirectUri(Authorization $authorization)
{
    // Runs first so that its own failure takes precedence over the checks below.
    $this->checkRedirectUriIfRequired($authorization);

    $requested_uri = $authorization->getRedirectUri();
    $registered_uris = $this->getClientRedirectUris($authorization);

    $has_requested = !empty($requested_uri);
    $has_registered = !empty($registered_uris);

    if (!$has_requested) {
        if (!$has_registered) {
            // Nothing in the request and nothing stored for the client: no target can be chosen.
            throw $this->getExceptionManager()->getException(
                ExceptionManagerInterface::BAD_REQUEST,
                ExceptionManagerInterface::INVALID_REQUEST,
                'The "redirect_uri" parameter is missing. Add "redirect_uri" parameter or store redirect URIs to your client'
            );
        }

        // Fall back to the first URI registered for the client.
        return $registered_uris[0];
    }

    // Only a strict `false` from the helper rejects the URI.
    // NOTE(review): any other return value (e.g. null) is treated as "allowed";
    // confirm Uri::isRedirectUriAllowed() always returns a boolean.
    if ($has_registered && false === Uri::isRedirectUriAllowed($requested_uri, $registered_uris)) {
        throw $this->getExceptionManager()->getException(
            ExceptionManagerInterface::BAD_REQUEST,
            ExceptionManagerInterface::INVALID_REQUEST,
            'The specified redirect URI is not valid'
        );
    }

    return $requested_uri;
}
/**
 * Assert that a redirect URI is acceptable for the given client.
 *
 * The URI is compared against the client's registered redirect URIs, and the
 * assertion fails with "The specified redirect URI is not valid." when the
 * client has registered URIs and the helper reports the URI as not allowed.
 *
 * NOTE(review): a client with no registered redirect URIs passes this check
 * for any $redirect_uri, including an empty one, because the comparison is
 * skipped. Confirm that callers enforce registration where policy requires it.
 *
 * NOTE(review): the exception type raised by Assertion::false() is not visible
 * here; verify that callers translate it into an OAuth2 error response.
 *
 * @param \OAuth2\Client\ClientInterface $client       Client whose registered URIs are consulted
 * @param string                         $redirect_uri Redirect URI to validate
 * @param array                          $parameters   Passed through to getClientRedirectUris()
 */
public function checkRedirectUriForTheClient(ClientInterface $client, $redirect_uri, array $parameters)
{
    $registered_uris = $this->getClientRedirectUris($client, $parameters);

    $is_rejected = false;
    if (!empty($registered_uris)) {
        // Only a strict `false` from the helper counts as a rejection.
        $is_rejected = (false === Uri::isRedirectUriAllowed($redirect_uri, $registered_uris));
    }

    Assertion::false($is_rejected, 'The specified redirect URI is not valid.');
}