OAuth2\OAuth2::validateRedirectUri PHP Method

OAuth2 Class Documentation Show file Open project: friendsofsymfony/oauth2-php

validateRedirectUri() protected method

Internal method for validating redirect URI supplied
protected validateRedirectUri ( string $inputUri, string | array $storedUris ) : boolean
$inputUri string
$storedUris string | array
return boolean 
    protected function validateRedirectUri($inputUri, $storedUris)
    {
        if (!$inputUri || !$storedUris) {
            return false;
            // if either one is missing, assume INVALID
        }
        $parsed = parse_url($inputUri);
        if (!$parsed) {
            return false;
        }
        if (isset($parsed['path'])) {
            $path = urldecode($parsed['path']);
            // check for 'path traversal'
            if (preg_match('#/\\.\\.?(/|$)#', $path)) {
                return false;
            }
        }
        if (!is_array($storedUris)) {
            $storedUris = array($storedUris);
        }
        foreach ($storedUris as $storedUri) {
            if (strcasecmp(substr($inputUri, 0, strlen($storedUri)), $storedUri) === 0) {
                return true;
            }
        }
        return false;
    }
OAuth2
__construct
buildUri
checkScope
createAccessToken
createAuthCode
createRedirectUriCallbackResponse
finishClientAuthorization
genAccessToken
genAuthCode
getAuthorizationHeader
getAuthorizeParams
getBearerToken
getBearerTokenFromFormEncodedBody
getBearerTokenFromHeaders
getBearerTokenFromQuery
getClientCredentials
getJsonHeaders
getRedirectUri
getVariable
grantAccessToken
grantAccessTokenAuthCode
grantAccessTokenClientCredentials
grantAccessTokenExtension
grantAccessTokenRefreshToken
grantAccessTokenUserCredentials
setDefaultOptions
setVariable
validateRedirectUri
verifyAccessToken