/** * Validates any CSRF parameters. * * @throws CsrfException */ protected function validateCsrf() { if (empty($this->getInput('state')) || $this->getInput('state') !== $this->store->get('oauth2state')) { $this->store->set('oauth2state', null); throw new CsrfException('Invalid state'); } return; }