exchangeAccessToken method

  1. @override
Future<SocialSignInResultInterface> exchangeAccessToken(
  1. String authorizationCode
)
override

Your server should then daily verify the session with Facebook, and revoke the session in your system if th authorization has been withdrawn on Facebook's side.

Implementation

@override
Future<SocialSignInResultInterface> exchangeAccessToken(
    String authorizationCode) async {
  var uri = Uri.parse(_accessTokenUrl);
  final param = {
    "redirect_uri": redirectUrl,
    "client_id": clientId,
    "client_secret": clientSecret,
    "code": authorizationCode
  };
  var response = await http.get(Uri.https(uri.host, uri.path, param));

  if (response.statusCode == 200) {
    var body =
        json.decode(utf8.decode(response.bodyBytes)) as Map<String, dynamic>;
    if (body.containsKey("access_token")) {
      return FacebookSignInResult(SignInResultStatus.ok,
          accessToken: body["access_token"],
          idToken: body["id_token"] ?? "",
          state: stateCode);
    } else {
      throw handleResponseBodyFail(body);
    }
  } else {
    throw handleUnSuccessCodeFail(response);
  }
}