From fedc3173fefa98344ab3d5c1ce70a75a39cfed3f Mon Sep 17 00:00:00 2001
From: Lakhan Samani
Date: Wed, 19 Oct 2022 23:36:33 +0530
Subject: [PATCH] fix: get nonce from query request if possible
---
 server/handlers/authorize.go | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/server/handlers/authorize.go b/server/handlers/authorize.go
index 397aac6..8dfcbc9 100644
--- a/server/handlers/authorize.go
+++ b/server/handlers/authorize.go
@@ -42,6 +42,7 @@ func AuthorizeHandler() gin.HandlerFunc {
 scopeString := strings.TrimSpace(gc.Query("scope"))
 clientID := strings.TrimSpace(gc.Query("client_id"))
 responseMode := strings.TrimSpace(gc.Query("response_mode"))
+ nonce := strings.TrimSpace(gc.Query("nonce"))
 var scope []string
 if scopeString == "" {
@@ -78,11 +79,13 @@ func AuthorizeHandler() gin.HandlerFunc {
 })
 code := uuid.New().String()
- nonce := uuid.New().String()
+ if nonce == "" {
+ nonce = uuid.New().String()
+ }
 memorystore.Provider.SetState(codeChallenge, code)
 // used for response mode query or fragment
- loginState := "state=" + state + "&scope=" + strings.Join(scope, " ") + "&redirect_uri=" + redirectURI + "&code=" + code + "&nonce=" + nonce
+ loginState := "state=" + state + "&scope=" + strings.Join(scope, " ") + "&redirect_uri=" + redirectURI + "&code=" + code
 loginURL := "/app?" + loginState
 if responseMode == constants.ResponseModeFragment {
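Review bot: The `nonce` read on the added line is accepted after only `strings.TrimSpace`, so a client-chosen value of any length or shape now replaces the server-generated UUID wherever the handler uses it later. Those uses are outside this hunk; if the value ends up as a storage key or inside a token, I would bound it before use, for example `if len(nonce) > maxNonceLen { /* reject the request */ }` with `maxNonceLen` as a new constant. A comment such as `// nonce is client-chosen; treat it as untrusted, opaque data` on that line would record the change in trust. AuthorizeHandler's body starts and ends outside the hunk.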
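Review bot: `loginState` is still assembled by plain concatenation on the rewritten line, so `state`, the scope list and `redirectURI` reach the `/app?` (or `/app#`) URL unescaped, and a value containing `&`, `#` or `=` can add or override parameters such as `code`. Whether those values are validated earlier is not visible here, since the handler body starts and ends outside the hunk. Building the string with `url.Values` and `Encode()` keeps each value inside its own parameter; this needs `net/url` in the file's imports, and the `/app` front end has to decode the values accordingly.

```go
// … unchanged: code and nonce generation, SetState call …
// used for response mode query or fragment
q := url.Values{}
q.Set("state", state)
q.Set("scope", strings.Join(scope, " "))
q.Set("redirect_uri", redirectURI)
q.Set("code", code)
loginState := q.Encode()
loginURL := "/app?" + loginState
```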