exchangeCodeForSession method
Verifies the PKCE code verifyer and retrieves a session.
Implementation
Future<AuthSessionUrlResponse> exchangeCodeForSession(String authCode) async {
assert(_asyncStorage != null,
'You need to provide asyncStorage to perform pkce flow.');
final codeVerifierRawString = await _asyncStorage!
.getItem(key: '${Constants.defaultStorageKey}-code-verifier');
if (codeVerifierRawString == null) {
throw AuthException('Code verifier could not be found in local storage.');
}
final codeVerifier = codeVerifierRawString.split('/').first;
final eventName = codeVerifierRawString.split('/').last;
final redirectType = AuthChangeEventExtended.fromString(eventName);
final Map<String, dynamic> response = await _fetch.request(
'$_url/token',
RequestMethodType.post,
options: GotrueRequestOptions(
headers: _headers,
body: {
'auth_code': authCode,
'code_verifier': codeVerifier,
},
query: {
'grant_type': 'pkce',
},
),
);
await _asyncStorage!
.removeItem(key: '${Constants.defaultStorageKey}-code-verifier');
final authSessionUrlResponse = AuthSessionUrlResponse(
session: Session.fromJson(response)!, redirectType: redirectType?.name);
final session = authSessionUrlResponse.session;
_saveSession(session);
if (redirectType == AuthChangeEvent.passwordRecovery) {
notifyAllSubscribers(AuthChangeEvent.passwordRecovery);
} else {
notifyAllSubscribers(AuthChangeEvent.signedIn);
}
return authSessionUrlResponse;
}