devstack/authorizer
4
0
Fork 0
Code Pull Requests Actions Activity

fix: revert nonce

Browse Source
This commit is contained in:
Lakhan Samani 2022-10-20 00:14:06 +05:30
parent a68876a6f4
commit b2e0a3371f
3 changed files with 14 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/release.yaml vendored
View File

@ -28,7 +28,7 @@ jobs:
node-version: '16' node-version: '16'
- uses: actions/setup-go@v2 - uses: actions/setup-go@v2
with: with:
go-version: '^1.17.3' go-version: '^1.19.1'
- name: Install dependencies - name: Install dependencies
run: | run: |
sudo apt-get install build-essential wget zip gcc-mingw-w64 && \ sudo apt-get install build-essential wget zip gcc-mingw-w64 && \

5
app/src/Root.tsx
View File

@ -39,6 +39,7 @@ export default function Root({
? searchParams.get('scope')?.toString().split(' ') ? searchParams.get('scope')?.toString().split(' ')
: ['openid', 'profile', 'email']; : ['openid', 'profile', 'email'];
const code = searchParams.get('code') || '' const code = searchParams.get('code') || ''
const nonce = searchParams.get('nonce') || ''
const urlProps: Record<string, any> = { const urlProps: Record<string, any> = {
state, state,
@ -64,6 +65,10 @@ export default function Root({
params += `&code=${code}` params += `&code=${code}`
} }
if (nonce !== '') {
params += `&nonce=${nonce}`
}
if (token.refresh_token) { if (token.refresh_token) {
params += `&refresh_token=${token.refresh_token}`; params += `&refresh_token=${token.refresh_token}`;
} }

7
server/handlers/authorize.go
View File

@ -85,7 +85,7 @@ func AuthorizeHandler() gin.HandlerFunc {
memorystore.Provider.SetState(codeChallenge, code) memorystore.Provider.SetState(codeChallenge, code)
// used for response mode query or fragment // used for response mode query or fragment
loginState := "state=" + state + "&scope=" + strings.Join(scope, " ") + "&redirect_uri=" + redirectURI + "&code=" + code loginState := "state=" + state + "&scope=" + strings.Join(scope, " ") + "&redirect_uri=" + redirectURI + "&code=" + code + "&nonce=" + nonce
loginURL := "/app?" + loginState loginURL := "/app?" + loginState
if responseMode == constants.ResponseModeFragment { if responseMode == constants.ResponseModeFragment {
@ -191,7 +191,7 @@ func AuthorizeHandler() gin.HandlerFunc {
// }, // },
// }) // })
params := "code=" + code + "&state=" + state params := "code=" + code + "&state=" + state + "&nonce=" + nonce
if responseMode == constants.ResponseModeQuery { if responseMode == constants.ResponseModeQuery {
if strings.Contains(redirectURI, "?") { if strings.Contains(redirectURI, "?") {
redirectURI = redirectURI + "&" + params redirectURI = redirectURI + "&" + params
@ -246,7 +246,7 @@ func AuthorizeHandler() gin.HandlerFunc {
} }
// used of query mode // used of query mode
params := "access_token=" + authToken.AccessToken.Token + "&token_type=bearer&expires_in=" + strconv.FormatInt(expiresIn, 10) + "&state=" + state + "&id_token=" + authToken.IDToken.Token + "&code=" + code params := "access_token=" + authToken.AccessToken.Token + "&token_type=bearer&expires_in=" + strconv.FormatInt(expiresIn, 10) + "&state=" + state + "&id_token=" + authToken.IDToken.Token + "&code=" + code + "&nonce=" + nonce
res := map[string]interface{}{ res := map[string]interface{}{
"access_token": authToken.AccessToken.Token, "access_token": authToken.AccessToken.Token,
@ -256,6 +256,7 @@ func AuthorizeHandler() gin.HandlerFunc {
"token_type": "Bearer", "token_type": "Bearer",
"expires_in": expiresIn, "expires_in": expiresIn,
"code": code, "code": code,
"nonce": nonce,
} }
if authToken.RefreshToken != nil { if authToken.RefreshToken != nil {