handleAuthorizationResponse method
Processes the query parameters added to a redirect from the authorization server.
Note that this "response" is not an HTTP response, but rather the data passed to a server controlled by the client as query parameters on the redirect URL.
It is a StateError to call this more than once, to call it before getAuthorizationUrl is called, or to call it after handleAuthorizationCode is called.
Throws FormatError
if parameters
is invalid according to the OAuth2
spec or if the authorization server otherwise provides invalid responses.
If state
was passed to getAuthorizationUrl, this will throw a
FormatError
if the state
parameter doesn't match the original value.
Throws AuthorizationException
if the authorization fails.
Implementation
@override
Future<Client> handleAuthorizationResponse(
Map<String, String> parameters) async {
if (_state == _State.initial) {
throw StateError('The authorization URL has not yet been generated.');
} else if (_state == _State.finished) {
throw StateError('The authorization code has already been received.');
}
_state = _State.finished;
if (_stateString != null) {
if (!parameters.containsKey('state')) {
throw FormatException('Invalid OAuth response for '
'"$authorizationEndpoint": parameter "state" expected to be '
'"$_stateString", was missing.');
} else if (parameters['state'] != _stateString) {
throw FormatException('Invalid OAuth response for '
'"$authorizationEndpoint": parameter "state" expected to be '
'"$_stateString", was "${parameters['state']}".');
}
}
if (parameters.containsKey('error')) {
var description = parameters['error_description'];
var uriString = parameters['error_uri'];
var uri = uriString == null ? null : Uri.parse(uriString);
throw AuthorizationException(parameters['error']!, description, uri);
} else if (!parameters.containsKey('code')) {
throw FormatException('Invalid OAuth response for '
'"$authorizationEndpoint": did not contain required parameter '
'"code".');
}
return await _handleAuthorizationCode(parameters['code']);
}