Ejemplo n.º 1
 /**
  * Resolve the redirect URI to use for an authorization request.
  *
  * When the request carries a redirect_uri, it is accepted only if
  * validateRedirectUri() approves it against the client's registered URIs.
  * When the request carries none, the client's single registered URI is
  * used, unless input redirect URIs are enforced by configuration.
  *
  * If multiple redirection URIs have been registered, or if none has been
  * registered, the client MUST include a redirection URI with the
  * authorization request using the "redirect_uri" request parameter.
  *
  * NOTE(review): how strictly the supplied URI is compared (exact match,
  * prefix, ...) is decided inside validateRedirectUri(), which is not shown
  * here; confirm it before relying on this method as the redirect check.
  *
  * @see http://tools.ietf.org/html/draft-ietf-oauth-v2-20#section-3.1.2
  * @see http://tools.ietf.org/html/draft-ietf-oauth-v2-20#section-4.1.2.1
  * @see http://tools.ietf.org/html/draft-ietf-oauth-v2-20#section-4.2.2.1
  *
  * @param mixed         $redirectUri redirect_uri taken from the request; any value
  *                                   empty() considers empty counts as "not supplied"
  * @param IOAuth2Client $client      client whose registered redirect URIs are consulted
  *
  * @return mixed the validated input URI, or the client's only registered URI
  *
  * @throws OAuth2ServerException HTTP_BAD_REQUEST / ERROR_REDIRECT_URI_MISMATCH when no
  *                               usable redirect URI can be determined
  */
 protected function getRedirectUri($redirectUri, IOAuth2Client $client)
 {
     // A redirect_uri came in with the request: it must pass validation
     // against what the client registered, otherwise the request is refused.
     if (!empty($redirectUri)) {
         if ($this->validateRedirectUri($redirectUri, $client->getRedirectUris())) {
             return $redirectUri;
         }

         throw new OAuth2ServerException(self::HTTP_BAD_REQUEST, self::ERROR_REDIRECT_URI_MISMATCH, 'The redirect URI provided does not match registered URI(s).');
     }

     // From here on nothing was supplied, so the registration has to be
     // unambiguous: exactly one stored URI, and no policy demanding input.
     if (!$client->getRedirectUris()) {
         throw new OAuth2ServerException(self::HTTP_BAD_REQUEST, self::ERROR_REDIRECT_URI_MISMATCH, 'No redirect URL was supplied or registered.');
     }

     if (count($client->getRedirectUris()) > 1) {
         throw new OAuth2ServerException(self::HTTP_BAD_REQUEST, self::ERROR_REDIRECT_URI_MISMATCH, 'No redirect URL was supplied and more than one is registered.');
     }

     if ($this->getVariable(self::CONFIG_ENFORCE_INPUT_REDIRECT)) {
         throw new OAuth2ServerException(self::HTTP_BAD_REQUEST, self::ERROR_REDIRECT_URI_MISMATCH, 'The redirect URI is mandatory and was not supplied.');
     }

     // Fall back to the single registered URI.
     return current($client->getRedirectUris());
 }