handleAuthorizationResponse method
Processes the query parameters added to a redirect from the authorization server.
Note that this "response" is not an HTTP response, but rather the data passed to a server controlled by the client as query parameters on the redirect URL.
It is a StateError to call this more than once, to call it before getAuthorizationUrl is called, or to call it after handleAuthorizationCode is called.
Throws FormatException if parameters
is invalid according to the
OAuth2 spec or if the authorization server otherwise provides invalid
responses. If state
was passed to getAuthorizationUrl, this will throw
a FormatException if the state
parameter doesn't match the original
value.
Throws AuthorizationException if the authorization fails.
Implementation
Future<Client> handleAuthorizationResponse(
Map<String, String> parameters) async {
if (_state == _State.initial) {
throw StateError('The authorization URL has not yet been generated.');
} else if (_state == _State.finished) {
throw StateError('The authorization code has already been received.');
}
_state = _State.finished;
if (_stateString != null) {
if (!parameters.containsKey('state')) {
throw FormatException('Invalid OAuth response for '
'"$authorizationEndpoint": parameter "state" expected to be '
'"$_stateString", was missing.');
} else if (parameters['state'] != _stateString) {
throw FormatException('Invalid OAuth response for '
'"$authorizationEndpoint": parameter "state" expected to be '
'"$_stateString", was "${parameters['state']}".');
}
}
if (parameters.containsKey('error')) {
var description = parameters['error_description'];
var uriString = parameters['error_uri'];
var uri = uriString == null ? null : Uri.parse(uriString);
throw AuthorizationException(parameters['error']!, description, uri);
} else if (!parameters.containsKey('code')) {
throw FormatException('Invalid OAuth response for '
'"$authorizationEndpoint": did not contain required parameter '
'"code".');
}
return _handleAuthorizationCode(parameters['code']);
}