Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add state parameter to external concrete authentication service #10984

Merged

Conversation

KorvinSzanto
Copy link
Member

This pull request also makes it easier to enable state in custom services as well, before you needed to override the handle_authentication_callback() which I did like this in the past:

public function handle_attach_callback()
{
    $this->getService()->assertStateValid($this->app->make(Request::class)->get('state'));
    return parent::handle_authentication_callback();
}

and a method on my service:

/**
 * Validate the given state
 * @throws \OAuth\OAuth2\Service\Exception\InvalidAuthorizationStateException
 */
public function assertStateValid(string $state): void
{
    $this->validateAuthorizationState($state);
}

Now all you need to do to support this in custom oauth2 services is override the needsStateParameterInAuthUrl and return true like the ExternalConcreteService does.

@aembler aembler merged commit 5a66a3a into concretecms:develop Oct 11, 2022
KorvinSzanto pushed a commit that referenced this pull request Oct 13, 2022
…ternal-auth

Add state parameter to external concrete authentication service
KorvinSzanto pushed a commit that referenced this pull request Oct 13, 2022
…ternal-auth

Add state parameter to external concrete authentication service
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants