verifyAndParseCodeFromCallbackUri function
A utility function to verify and parse the code from the authorization callback URI.
- verify the callback URI
- verify the state
- error detection
- parse the code from the callback URI
Implementation
String verifyAndParseCodeFromCallbackUri(
String callbackUri,
String redirectUri,
String state,
) {
if (!callbackUri.startsWith(redirectUri)) {
throw LogtoAuthException(
LogtoAuthExceptions.callbackUriValidationError,
'invalid redirect uri',
);
}
var queryParams = Uri.parse(callbackUri).queryParameters;
if (queryParams['error'] != null) {
throw LogtoAuthException(
LogtoAuthExceptions.callbackUriValidationError,
queryParams['error']!,
queryParams['error_description'],
);
}
if (queryParams['state'] == null) {
throw LogtoAuthException(
LogtoAuthExceptions.callbackUriValidationError,
'missing state',
);
}
if (queryParams['state'] != state) {
throw LogtoAuthException(
LogtoAuthExceptions.callbackUriValidationError,
'invalid state',
);
}
if (queryParams['code'] == null) {
throw LogtoAuthException(
LogtoAuthExceptions.callbackUriValidationError,
'missing code',
);
}
return queryParams['code']!;
}