Merge pull request facebookarchive#613 from KuceraMartin/master

SammyK · web-flow · commit b44e2f4b1c9d · 2016-08-06T15:10:17.000-05:00
FacebookRedirectLoginHelper - let's not regenerate CSRF token
diff --git a/src/Facebook/Helpers/FacebookRedirectLoginHelper.php b/src/Facebook/Helpers/FacebookRedirectLoginHelper.php
@@ -122,7 +122,7 @@ public function getPseudoRandomStringGenerator()
      */
     private function makeUrl($redirectUrl, array $scope, array $params = [], $separator = '&')
     {
-        $state = $this->pseudoRandomStringGenerator->getPseudoRandomString(static::CSRF_LENGTH);
+        $state = $this->persistentDataHandler->get('state') ?: $this->pseudoRandomStringGenerator->getPseudoRandomString(static::CSRF_LENGTH);
         $this->persistentDataHandler->set('state', $state);
 
         return $this->oAuth2Client->getAuthorizationUrl($redirectUrl, $state, $scope, $params, $separator);

Original file line number	Diff line number	Diff line change
`@@ -122,7 +122,7 @@ public function getPseudoRandomStringGenerator()`
`122`	`122`	`*/`
`123`	`123`	`private function makeUrl($redirectUrl, array $scope, array $params = [], $separator = '&')`
`124`	`124`	`{`
`125`		`- $state = $this->pseudoRandomStringGenerator->getPseudoRandomString(static::CSRF_LENGTH);`
	`125`	`+ $state = $this->persistentDataHandler->get('state') ?: $this->pseudoRandomStringGenerator->getPseudoRandomString(static::CSRF_LENGTH);`
`126`	`126`	`$this->persistentDataHandler->set('state', $state);`
`127`	`127`
`128`	`128`	`return $this->oAuth2Client->getAuthorizationUrl($redirectUrl, $state, $scope, $params, $separator);`