From 22b50cba73ca6cf1272519b66d733ec5dcda037b Mon Sep 17 00:00:00 2001
From: Arzumify
Date: Sat, 4 May 2024 18:50:44 +0100
Subject: [PATCH] Make the nonce be based off the nonce specified by the app
---
 main.go | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/main.go b/main.go
index 22df2fc..f4bbb9f 100644
--- a/main.go
+++ b/main.go
@@ -728,6 +728,7 @@ func main() {
 codemethod := c.Request.URL.Query().Get("code_challenge_method")
 redirect_uri := c.Request.URL.Query().Get("redirect_uri")
 state := c.Request.URL.Query().Get("state")
+ nonce := c.Request.URL.Query().Get("nonce")
 userid, norows := get_user_from_session(secretKey)
@@ -767,6 +768,10 @@ func main() {
 return
 }
+ if nonce == "" {
+ nonce = genSalt(512)
+ }
+
 datatemplate := jwt.MapClaims{
 "sub": username,
 "iss": "https://auth.hectabit.org",
@@ -776,7 +781,7 @@ func main() {
 "iat": time.Now().Unix(),
 "auth_time": time.Now().Unix(),
 "session": secretKey,
- "nonce": genSalt(512),
+ "nonce": nonce,
 }
 datatemplate2 := jwt.MapClaims{
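Review bot: The fallback added in the second hunk (`if nonce == "" { nonce = genSalt(512) }`) puts a server-invented nonce into the token when the client sent none, and the third hunk then emits it unconditionally as `"nonce": nonce`. This looks like an OpenID Connect authorization handler, where the nonce exists so the client can match the ID token against the value it sent; an invented value gives no replay protection, and a client that validates the claim strictly may reject a nonce it never issued. I would drop the fallback, leave `"nonce"` out of the map literal and add it only when supplied: `if nonce != "" { datatemplate["nonce"] = nonce }`. The value read in the first hunk is also copied into a signed token with no length bound, so a cap on it before use would be a reasonable addition. All three hunks sit inside `main()`, whose body starts and ends outside them.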