/**
* Get the authorization code from the query parameters, if it exists,
* otherwise return false to signal no authorization code was discoverable.
*
* @return mixed Returns the authorization code, or false if the authorization
* code could not be determined.
*/
protected function getCode()
{
if (isset($_GET['code'])) {
if ($this->state && $this->state === $_GET['state']) {
// CSRF state has done its job, so clear it
$this->state = null;
$this->store->remove('state');
return $_GET['code'];
} else {
BaiduUtils::errorLog('CSRF state token does not match one provided.');
return false;
}
}
return false;
}