Ajout du nonce à la requête de login #1
|
@ -37,15 +37,17 @@ func (c *Client) Login(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
state := uniuri.New()
|
||||
nonce := uniuri.New()
|
||||
|
||||
sess.Set(SessionOIDCStateKey, state)
|
||||
sess.Set(SessionOIDCNonceKey, nonce)
|
||||
|
||||
if err := sess.Save(w, r); err != nil {
|
||||
panic(errors.Wrap(err, "could not save session"))
|
||||
}
|
||||
|
||||
authCodeOptions := []oauth2.AuthCodeOption{}
|
||||
|
||||
authCodeOptions = append(authCodeOptions, oidc.Nonce(nonce))
|
||||
authCodeURL := c.oauth2.AuthCodeURL(
|
||||
state,
|
||||
authCodeOptions...,
|
||||
|
|
|
@ -14,6 +14,7 @@ import (
|
|||
const (
|
||||
SessionIDTokenKey = "oidc-id-token"
|
||||
SessionOIDCStateKey = "oidc-state"
|
||||
SessionOIDCNonceKey = "oidc-nonce"
|
||||
)
|
||||
|
||||
func init() {
|
||||
|
|
Loading…
Reference in New Issue