Changeset View
Changeset View
Standalone View
Standalone View
src/applications/auth/provider/PhabricatorAuthProvider.php
| Show First 20 Lines • Show All 476 Lines • ▼ Show 20 Lines | protected function verifyAuthCSRFCode(AphrontRequest $request, $actual) { | ||||
| if (!strlen($actual)) { | if (!strlen($actual)) { | ||||
| throw new Exception( | throw new Exception( | ||||
| pht( | pht( | ||||
| 'The authentication provider did not return a client state '. | 'The authentication provider did not return a client state '. | ||||
| 'parameter in its response, but one was expected. If this '. | 'parameter in its response, but one was expected. If this '. | ||||
| 'problem persists, you may need to clear your cookies.')); | 'problem persists, you may need to clear your cookies.')); | ||||
| } | } | ||||
| if ($actual !== $expect) { | if (!phutil_hashes_are_identical($actual, $expect)) { | ||||
| throw new Exception( | throw new Exception( | ||||
| pht( | pht( | ||||
| 'The authentication provider did not return the correct client '. | 'The authentication provider did not return the correct client '. | ||||
| 'state parameter in its response. If this problem persists, you may '. | 'state parameter in its response. If this problem persists, you may '. | ||||
| 'need to clear your cookies.')); | 'need to clear your cookies.')); | ||||
| } | } | ||||
| } | } | ||||
| } | } | ||||