fix: revert nonce

fix: comment
fix: issuer token endpoint
2022-10-20 00:14:06 +05:30 · 2022-10-19 23:55:47 +05:30 · 2022-10-19 23:41:08 +05:30 · 2022-10-19 23:39:48 +05:30
6 changed files with 17 additions and 11 deletions
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -2,17 +2,17 @@ on:
  workflow_dispatch:
    inputs:
      logLevel:
-        description: 'Log level'     
+        description: 'Log level'
        required: true
-        default: 'warning' 
+        default: 'warning'
        type: choice
        options:
        - info
        - warning
-        - debug 
+        - debug
      tags:
        description: 'Tags'
-        required: false 
+        required: false
        type: boolean
  release:
    types: [created]
@@ -28,7 +28,7 @@ jobs:
          node-version: '16'
      - uses: actions/setup-go@v2
        with:
-          go-version: '^1.17.3'
+          go-version: '^1.19.1'
      - name: Install dependencies
        run: |
          sudo apt-get install build-essential wget zip gcc-mingw-w64 && \
--- a/app/src/Root.tsx
+++ b/app/src/Root.tsx
@@ -39,6 +39,7 @@ export default function Root({
 		? searchParams.get('scope')?.toString().split(' ')
 		: ['openid', 'profile', 'email'];
 	const code = searchParams.get('code') || ''
+	const nonce = searchParams.get('nonce') || ''

 	const urlProps: Record<string, any> = {
 		state,
@@ -64,6 +65,10 @@ export default function Root({
 				params += `&code=${code}`
 			}

+			if (nonce !== '') {
+				params += `&nonce=${nonce}`
+			}
+
 			if (token.refresh_token) {
 				params += `&refresh_token=${token.refresh_token}`;
 			}
--- a/server/handlers/authorize.go
+++ b/server/handlers/authorize.go
@@ -85,7 +85,7 @@ func AuthorizeHandler() gin.HandlerFunc {
 		memorystore.Provider.SetState(codeChallenge, code)

 		// used for response mode query or fragment
-		loginState := "state=" + state + "&scope=" + strings.Join(scope, " ") + "&redirect_uri=" + redirectURI + "&code=" + code
+		loginState := "state=" + state + "&scope=" + strings.Join(scope, " ") + "&redirect_uri=" + redirectURI + "&code=" + code + "&nonce=" + nonce
 		loginURL := "/app?" + loginState

 		if responseMode == constants.ResponseModeFragment {
@@ -191,7 +191,7 @@ func AuthorizeHandler() gin.HandlerFunc {
 			// 	},
 			// })

-			params := "code=" + code + "&state=" + state
+			params := "code=" + code + "&state=" + state + "&nonce=" + nonce
 			if responseMode == constants.ResponseModeQuery {
 				if strings.Contains(redirectURI, "?") {
 					redirectURI = redirectURI + "&" + params
@@ -246,7 +246,7 @@ func AuthorizeHandler() gin.HandlerFunc {
 			}

 			// used of query mode
-			params := "access_token=" + authToken.AccessToken.Token + "&token_type=bearer&expires_in=" + strconv.FormatInt(expiresIn, 10) + "&state=" + state + "&id_token=" + authToken.IDToken.Token + "&code=" + code
+			params := "access_token=" + authToken.AccessToken.Token + "&token_type=bearer&expires_in=" + strconv.FormatInt(expiresIn, 10) + "&state=" + state + "&id_token=" + authToken.IDToken.Token + "&code=" + code + "&nonce=" + nonce

 			res := map[string]interface{}{
 				"access_token": authToken.AccessToken.Token,
@@ -256,6 +256,7 @@ func AuthorizeHandler() gin.HandlerFunc {
 				"token_type":   "Bearer",
 				"expires_in":   expiresIn,
 				"code":         code,
+				"nonce":        nonce,
 			}

 			if authToken.RefreshToken != nil {
--- a/server/handlers/openid_config.go
+++ b/server/handlers/openid_config.go
@@ -17,7 +17,7 @@ func OpenIDConfigurationHandler() gin.HandlerFunc {
 		c.JSON(200, gin.H{
 			"issuer":                                issuer,
 			"authorization_endpoint":                issuer + "/authorize",
-			"token_endpoint":                        issuer + "/token",
+			"token_endpoint":                        issuer + "/oauth/token",
 			"userinfo_endpoint":                     issuer + "/userinfo",
 			"jwks_uri":                              issuer + "/.well-known/jwks.json",
 			"response_types_supported":              []string{"code", "token", "id_token"},
--- a/server/handlers/token.go
+++ b/server/handlers/token.go
@@ -22,7 +22,7 @@ import (
 func TokenHandler() gin.HandlerFunc {
 	return func(gc *gin.Context) {
 		var reqBody map[string]string
-		if err := gc.Bind(&reqBody); err != nil {
+		if err := gc.BindJSON(&reqBody); err != nil {
 			log.Debug("Error binding JSON: ", err)
 			gc.JSON(http.StatusBadRequest, gin.H{
 				"error":             "error_binding_json",
--- a/server/parsers/url.go
+++ b/server/parsers/url.go
@@ -91,7 +91,7 @@ func GetDomainName(uri string) string {
 	return host
 }

-// GetAppURL to get /app/ url if not configured by user
+// GetAppURL to get /app url if not configured by user
 func GetAppURL(gc *gin.Context) string {
 	envAppURL, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyAppURL)
 	if envAppURL == "" || err != nil {
Author	SHA1	Message	Date
Lakhan Samani	b2e0a3371f	fix: revert nonce	2022-10-20 00:14:06 +05:30
Lakhan Samani	a68876a6f4	fix: comment	2022-10-19 23:55:47 +05:30
Lakhan Samani	2c867b0314	fix: issuer token endpoint	2022-10-19 23:41:08 +05:30
Lakhan Samani	74b858ac24	fix: binding	2022-10-19 23:39:48 +05:30