fix: get nonce from query request if possible

Lakhan Samani 2022-10-19 23:36:33 +05:30
parent de4381261e
commit fedc3173fe


@ -42,6 +42,7 @@ func AuthorizeHandler() gin.HandlerFunc {
scopeString := strings.TrimSpace(gc.Query("scope")) scopeString := strings.TrimSpace(gc.Query("scope"))
clientID := strings.TrimSpace(gc.Query("client_id")) clientID := strings.TrimSpace(gc.Query("client_id"))
responseMode := strings.TrimSpace(gc.Query("response_mode")) responseMode := strings.TrimSpace(gc.Query("response_mode"))
nonce := strings.TrimSpace(gc.Query("nonce"))
var scope []string var scope []string
if scopeString == "" { if scopeString == "" {
@ -78,11 +79,13 @@ func AuthorizeHandler() gin.HandlerFunc {
}) })
code := uuid.New().String() code := uuid.New().String()
nonce := uuid.New().String() if nonce == "" {
nonce = uuid.New().String()
}
memorystore.Provider.SetState(codeChallenge, code) memorystore.Provider.SetState(codeChallenge, code)
// used for response mode query or fragment // used for response mode query or fragment
loginState := "state=" + state + "&scope=" + strings.Join(scope, " ") + "&redirect_uri=" + redirectURI + "&code=" + code + "&nonce=" + nonce loginState := "state=" + state + "&scope=" + strings.Join(scope, " ") + "&redirect_uri=" + redirectURI + "&code=" + code
loginURL := "/app?" + loginState loginURL := "/app?" + loginState
if responseMode == constants.ResponseModeFragment { if responseMode == constants.ResponseModeFragment {
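Review bot: `nonce` is now read from the query string with only `strings.TrimSpace` applied, so a value that was always a server-generated UUID becomes caller-controlled with no length or character limit (the added line in the first hunk, and the `if nonce == ""` fallback in the second). Where the value is stored or echoed is outside these hunks, so I would reject oversized input before the fallback, for example `if len(nonce) > maxNonceLen { /* respond with invalid_request */ }`, where `maxNonceLen` is a placeholder for a constant you define. Anything that later places it in a URL should go through `url.QueryEscape(nonce)`. The `loginState` line also joins `state` and `redirectURI` by plain concatenation; if those come from the request as well (not visible here), building the string with `url.Values` and `Encode()` would stop a crafted value from adding extra parameters to `/app?...`. AuthorizeHandler's body starts and ends outside the hunks shown.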