From 26adb5081bba010aa8b08111ffaf0d1f2901f78c Mon Sep 17 00:00:00 2001
From: Cy
Date: Sun, 8 Jun 2014 12:21:46 -0700
Subject: [PATCH] Expose generated state to allow for CSRF validation.
---
 src/Provider/AbstractProvider.php | 6 ++++--
 test/src/Provider/EventbriteTest.php | 1 +
 test/src/Provider/FacebookTest.php | 1 +
 test/src/Provider/GithubTest.php | 1 +
 test/src/Provider/GoogleTest.php | 1 +
 test/src/Provider/InstagramTest.php | 1 +
 test/src/Provider/LinkedInTest.php | 1 +
 test/src/Provider/MicrosoftTest.php | 1 +
 test/src/Provider/VkontakteTest.php | 1 +
 9 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/src/Provider/AbstractProvider.php b/src/Provider/AbstractProvider.php
index fdb3c1e..256e8ba 100644
--- a/src/Provider/AbstractProvider.php
+++ b/src/Provider/AbstractProvider.php
@@ -16,6 +16,8 @@ abstract class AbstractProvider
 public $redirectUri = '';
+ public $state; + public $name;
 public $uidKey = 'uid';
@@ -83,12 +85,12 @@ abstract class AbstractProvider
 public function getAuthorizationUrl($options = array()) {
- $state = md5(uniqid(rand(), true));
+ $this->state = md5(uniqid(rand(), true));
 $params = array(
 'client_id' => $this->clientId,
 'redirect_uri' => $this->redirectUri,
- 'state' => $state,
+ 'state' => $this->state,
 'scope' => is_array($this->scopes) ? implode($this->scopeSeparator, $this->scopes) : $this->scopes,
 'response_type' => isset($options['response_type']) ? $options['response_type'] : 'code',
 'approval_prompt' => 'auto'
diff --git a/test/src/Provider/EventbriteTest.php b/test/src/Provider/EventbriteTest.php
index 399eb40..7880815 100644
--- a/test/src/Provider/EventbriteTest.php
+++ b/test/src/Provider/EventbriteTest.php
@@ -29,6 +29,7 @@ class EventbriteTest extends \PHPUnit_Framework_TestCase
 $this->assertArrayHasKey('scope', $query);
 $this->assertArrayHasKey('response_type', $query);
 $this->assertArrayHasKey('approval_prompt', $query);
+ $this->assertNotNull($this->provider->state);
 }
 public function testUrlAccessToken()
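Review bot: The new `public $state;` property in the first hunk has no docblock, so a reader of the class cannot tell that it is only populated by getAuthorizationUrl() and is overwritten on every call, as the second hunk shows. Add above it `/** @var string|null Anti-CSRF state sent in the most recent authorization URL; store it server-side before redirecting and compare it with the state parameter returned on the callback. */`. Since the property is public and writable, the docblock should also make clear that callers are expected to read it, not assign it.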
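Review bot: The value now exposed as the CSRF state is still produced by `md5(uniqid(rand(), true))` on the added line, and neither uniqid() (clock-derived) nor rand() is a cryptographically secure source, so the nonce's unpredictability rests on weak inputs. Draw it from a CSPRNG instead, e.g. `$this->state = bin2hex(random_bytes(16));` on PHP 7+, or openssl_random_pseudo_bytes() with its by-reference strength flag checked on older PHP. The property only lives for the current request, so the caller must persist it (typically in the session) before redirecting and compare it on the callback with hash_equals() rather than `==`. getAuthorizationUrl's body continues past the end of the hunk.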
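Review bot: `$this->assertNotNull($this->provider->state)` in the EventbriteTest hunk only shows the property was populated; it does not check that the exposed value is the one actually placed in the URL, which is what a CSRF comparison depends on. Assuming `$query` is the parsed query string of the authorization URL, as the neighbouring assertions suggest, add `$this->assertSame($this->provider->state, $query['state']);`. The same one-line strengthening applies to the identical hunks in FacebookTest, GithubTest, GoogleTest, InstagramTest, LinkedInTest, MicrosoftTest and VkontakteTest. The enclosing test method begins before the hunk.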
diff --git a/test/src/Provider/FacebookTest.php b/test/src/Provider/FacebookTest.php
index 47edfc8..f379227 100644
--- a/test/src/Provider/FacebookTest.php
+++ b/test/src/Provider/FacebookTest.php
@@ -29,6 +29,7 @@ class FacebookTest extends \PHPUnit_Framework_TestCase
 $this->assertArrayHasKey('scope', $query);
 $this->assertArrayHasKey('response_type', $query);
 $this->assertArrayHasKey('approval_prompt', $query);
+ $this->assertNotNull($this->provider->state);
 }
 public function testUrlAccessToken()
diff --git a/test/src/Provider/GithubTest.php b/test/src/Provider/GithubTest.php
index 7d8ab9f..53113ca 100644
--- a/test/src/Provider/GithubTest.php
+++ b/test/src/Provider/GithubTest.php
@@ -29,6 +29,7 @@ class GithubTest extends \PHPUnit_Framework_TestCase
 $this->assertArrayHasKey('scope', $query);
 $this->assertArrayHasKey('response_type', $query);
 $this->assertArrayHasKey('approval_prompt', $query);
+ $this->assertNotNull($this->provider->state);
 }
 public function testUrlAccessToken()
diff --git a/test/src/Provider/GoogleTest.php b/test/src/Provider/GoogleTest.php
index 0e814ca..b6c04d1 100644
--- a/test/src/Provider/GoogleTest.php
+++ b/test/src/Provider/GoogleTest.php
@@ -29,6 +29,7 @@ class GoogleTest extends \PHPUnit_Framework_TestCase
 $this->assertArrayHasKey('scope', $query);
 $this->assertArrayHasKey('response_type', $query);
 $this->assertArrayHasKey('approval_prompt', $query);
+ $this->assertNotNull($this->provider->state);
 }
 public function testUrlAccessToken()
diff --git a/test/src/Provider/InstagramTest.php b/test/src/Provider/InstagramTest.php
index 5af7042..cdc25de 100644
--- a/test/src/Provider/InstagramTest.php
+++ b/test/src/Provider/InstagramTest.php
@@ -29,6 +29,7 @@ class InstagramTest extends \PHPUnit_Framework_TestCase
 $this->assertArrayHasKey('scope', $query);
 $this->assertArrayHasKey('response_type', $query);
 $this->assertArrayHasKey('approval_prompt', $query);
+ $this->assertNotNull($this->provider->state);
 }
 public function testUrlAccessToken()
diff --git a/test/src/Provider/LinkedInTest.php b/test/src/Provider/LinkedInTest.php
index 1f0a04c..63d1a83 100644
--- a/test/src/Provider/LinkedInTest.php
+++ b/test/src/Provider/LinkedInTest.php
@@ -29,6 +29,7 @@ class LinkedInTest extends \PHPUnit_Framework_TestCase
 $this->assertArrayHasKey('scope', $query);
 $this->assertArrayHasKey('response_type', $query);
 $this->assertArrayHasKey('approval_prompt', $query);
+ $this->assertNotNull($this->provider->state);
 }
 public function testUrlAccessToken()
diff --git a/test/src/Provider/MicrosoftTest.php b/test/src/Provider/MicrosoftTest.php
index d1c1147..50e73a1 100644
--- a/test/src/Provider/MicrosoftTest.php
+++ b/test/src/Provider/MicrosoftTest.php
@@ -29,6 +29,7 @@ class MicrosoftTest extends \PHPUnit_Framework_TestCase
 $this->assertArrayHasKey('scope', $query);
 $this->assertArrayHasKey('response_type', $query);
 $this->assertArrayHasKey('approval_prompt', $query);
+ $this->assertNotNull($this->provider->state);
 }
 public function testUrlAccessToken()
diff --git a/test/src/Provider/VkontakteTest.php b/test/src/Provider/VkontakteTest.php
index 8ddd727..b700231 100644
--- a/test/src/Provider/VkontakteTest.php
+++ b/test/src/Provider/VkontakteTest.php
@@ -29,6 +29,7 @@ class VkontakteTest extends \PHPUnit_Framework_TestCase
 $this->assertArrayHasKey('scope', $query);
 $this->assertArrayHasKey('response_type', $query);
 $this->assertArrayHasKey('approval_prompt', $query);
+ $this->assertNotNull($this->provider->state);
 }
 public function testUrlAccessToken()