Skip to content

Commit

Permalink
feat:add configurable state
Browse files Browse the repository at this point in the history
  • Loading branch information
shtayerc committed Oct 21, 2022
1 parent 6aae75b commit b550b42
Show file tree
Hide file tree
Showing 2 changed files with 31 additions and 1 deletion.
3 changes: 3 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,9 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](http://keepachangelog.com/)
and this project adheres to [Semantic Versioning](http://semver.org/).

## [unreleased]
* Added support for custom state. #336

## [0.9.10]

## Fixed
Expand Down
29 changes: 28 additions & 1 deletion src/OpenIDConnectClient.php
Original file line number Diff line number Diff line change
Expand Up @@ -266,6 +266,11 @@ class OpenIDConnectClient
*/
private $token_endpoint_auth_methods_supported = ['client_secret_basic'];

/**
* @var callable function that returns custom state string
*/
private $customStateCallback;

/**
* @param $provider_url string optional
*
Expand Down Expand Up @@ -792,7 +797,7 @@ private function requestAuthorization() {
$nonce = $this->setNonce($this->generateRandString());

// State essentially acts as a session key for OIDC
$state = $this->setState($this->generateRandString());
$state = $this->setState($this->getCustomState() ?: $this->generateRandString());

$auth_params = array_merge($this->authParams, [
'response_type' => $response_type,
Expand Down Expand Up @@ -1946,6 +1951,28 @@ protected function unsetState() {
$this->unsetSessionKey('openid_connect_state');
}

/**
* Set customStateCallback function which should return string
*
* @param callable $state
* @return void
*/
public function setCustomStateCallback(callable $callback) {
$this->customStateCallback = $callback;
}

/**
* Get customState (call user defined function which returns string)
*
* @return string
*/
public function getCustomState() {
if (is_callable($this->customStateCallback)) {
return call_user_func($this->customStateCallback);
}
return null;
}

/**
* Stores $codeVerifier
*
Expand Down

0 comments on commit b550b42

Please sign in to comment.