Make the nonce be based off the nonce specified by the app

Tracker-Friendly 2024-05-04 18:50:44 +01:00
parent 1e797f5b5c
commit 22b50cba73
1 changed files with 6 additions and 1 deletions


@ -728,6 +728,7 @@ func main() {
codemethod := c.Request.URL.Query().Get("code_challenge_method") codemethod := c.Request.URL.Query().Get("code_challenge_method")
redirect_uri := c.Request.URL.Query().Get("redirect_uri") redirect_uri := c.Request.URL.Query().Get("redirect_uri")
state := c.Request.URL.Query().Get("state") state := c.Request.URL.Query().Get("state")
nonce := c.Request.URL.Query().Get("nonce")
userid, norows := get_user_from_session(secretKey) userid, norows := get_user_from_session(secretKey)
@ -767,6 +768,10 @@ func main() {
return return
} }
if nonce == "" {
nonce = genSalt(512)
}
datatemplate := jwt.MapClaims{ datatemplate := jwt.MapClaims{
"sub": username, "sub": username,
"iss": "https://auth.hectabit.org", "iss": "https://auth.hectabit.org",
@ -776,7 +781,7 @@ func main() {
"iat": time.Now().Unix(), "iat": time.Now().Unix(),
"auth_time": time.Now().Unix(), "auth_time": time.Now().Unix(),
"session": secretKey, "session": secretKey,
"nonce": genSalt(512), "nonce": nonce,
} }
datatemplate2 := jwt.MapClaims{ datatemplate2 := jwt.MapClaims{
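Review bot: The fallback `if nonce == "" { nonce = genSalt(512) }` keeps a server-invented value in the `nonce` claim when the client sent none, which gives the client nothing to compare against and so no replay protection; OpenID Connect expects the claim to echo the request value and otherwise be absent. I would drop the fallback and set the claim conditionally after the map literal: `if nonce != "" { datatemplate["nonce"] = nonce }`. The value also goes straight from the query string into the token claims with no length bound, so a cap before use is worth adding, for example `if len(nonce) > 512 { /* reject the request */ }` (the limit here is illustrative). The body of `main` and the `datatemplate2` literal extend beyond the lines shown, so whether `datatemplate2` needs the same treatment cannot be seen from here.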