Results

    $container = \Drupal::getContainer();
    $request = $container->get('request_stack')->getCurrentRequest();
    if (!$stateId = $request->query->get('State')) {
      throw new SimpleSAML_Error_BadRequest('Missing "State" parameter.');
    }
    /*
     * Once again, note the second parameter to the loadState function. This must
     * match the string we used in the saveState-call above.
     */

      // Compare state.
      $state_sent = $this->dataHandler->get('oauth2state');
      $state_received = $this->request->getCurrentRequest()->query->get('state');
      if (empty($state_received) || ($state_received !== $state_sent)) {
        $this->userAuthenticator->nullifySessionKeys();
        $this->setProcessCallbackError('oauth');
        return NULL;
      }

    // Extract OAuth callback parameters.
    $code = $request->query->get('code');
    $state = $request->query->get('state');

    // SECURITY: Validate state parameter to prevent CSRF attacks.
    // The state must match what we stored in session during redirect.
    if (empty($_SESSION['entra_id_oauth_state']) || $state !== $_SESSION['entra_id_oauth_state']) {
      $this->messenger->addError($this->t('Invalid state parameter. Possible CSRF attack.'));
      $this->loggerFactory

   */
  public function processCallback() {
    $retrieved_state = $this->request->getCurrentRequest()->query->get('state');
    $stored_oauth2_states = $this->state()->get(self::OAUTH2_STATES_DRUPAL_STATE_KEY);
    $result = parent::processCallback();
    if ($result !== NULL) {
      // Process passed successfully.
      // Flush state value from the Drupal states, so it cannot be re-used.
      if (isset($stored_oauth2_states[$retrieved_state])) {

      // Retrieves $_GET['state'].
      $retrievedState = $this->request->getCurrentRequest()->query->get('state');

      if (empty($retrievedState) || ($retrievedState !== $state)) {
        $this->userAuthenticator->nullifySessionKeys();
        $this->messenger()->addError($this->t('Login failed. Invalid OAuth2 state.'));

        return NULL;

    // Retrieves $_GET['state'].
    $retrievedState = $this->request->getCurrentRequest()->query->get('state');
    if (empty($retrievedState) || ($retrievedState !== $state)) {
      $this->messenger()->addError($this->t('Facebook login failed. Invalid oAuth2 State.'));
      return $this->redirect('user.login');
    }

    $this->facebookManager->authenticate();

    $code = \Drupal::request()->query->get('code');
    $unlock_token = \Drupal::request()->query->get('state');
    if (!$code || empty($_SESSION['unlock_token']) || ($_SESSION['unlock_token'] !== $unlock_token)) {
      return;
    }
    $ethereum_address = $this->validateAuthCode($code);
    $ethereum_address = Html::escape($ethereum_address);

  public function index() {
    $accountId = Drupal::request()->query->get('accountId');
    $status = Drupal::request()->query->get('state');
    $database = Drupal::database();
    $query = $database->query("SELECT account, status FROM {userway_data}");
    $dbRecord = $query->fetchAssoc();

    if ($dbRecord) {
      $database->update('userway_data')

   */
  public function __invoke(Request $request): RedirectResponse {
    $state = $request->query->get('state');
    // Handle OAuth errors.
    if ($request->query->has('error')) {
      $error = $request->query->get('error');
      $this->getLogger('webex_client')->error('OAuth error: @error', [
        '@error' => $request->query->get('error_description', $error),
      ]);

  public function authorize(Request $request) {
    $code = $request->query->get('code');
    $state = $request->query->get('state');
    $route = $request->query->get('destination');
    $global = $this->tempStore->get('global');

    try {
      $storedState = $this->tempStore->get('state');
      if ($state !== $storedState) {