protected function validateState(tubepress_spi_http_oauth2_Oauth2ProviderInterface $provider)
{
if (!$provider->isStateUsed()) {
return;
}
$currentUrl = $this->_urlFactory->fromCurrent();
$stateFromProvider = $currentUrl->getQuery()->get('state');
if (!$stateFromProvider) {
$this->bail(sprintf('%s did not supply state. Possible replay attack.', $provider->getDisplayName()));
}
$sessionKey = $this->_getSessionKey($provider);
if (!isset($_SESSION[$sessionKey])) {
$this->bail(sprintf('No stored state for %s. Try again.', $provider->getDisplayName()));
}
if ($_SESSION[$sessionKey] !== $stateFromProvider) {
$this->bail(sprintf('State from %s did not match our saved state. Possible reply attack. Please try again.', $provider->getDisplayName()));
}
return;
}
private function _checkResponseForError(tubepress_spi_http_oauth2_Oauth2ProviderInterface $provider, tubepress_api_http_message_ResponseInterface $response)
{
if (intval($response->getStatusCode()) === 200) {
return;
}
if (intval($response->getStatusCode()) === 400) {
$body = $response->getBody()->toString();
$decoded = json_decode($body, true);
if (is_array($decoded) && isset($decoded['error'])) {
throw new RuntimeException(sprintf('%s responded with an HTTP 400: %s', $provider->getDisplayName(), $decoded['error']));
}
}
throw new RuntimeException(sprintf('%s responded with an HTTP %s: %s', $provider->getDisplayName(), $response->getStatusCode(), $response->getBody()->toString()));
}
