Ajout du nonce à la requête de login #1
|
@ -37,15 +37,17 @@ func (c *Client) Login(w http.ResponseWriter, r *http.Request) {
|
||||||
}
|
}
|
||||||
|
|
||||||
state := uniuri.New()
|
state := uniuri.New()
|
||||||
|
nonce := uniuri.New()
|
||||||
|
|
||||||
sess.Set(SessionOIDCStateKey, state)
|
sess.Set(SessionOIDCStateKey, state)
|
||||||
|
sess.Set(SessionOIDCNonceKey, nonce)
|
||||||
|
|
||||||
if err := sess.Save(w, r); err != nil {
|
if err := sess.Save(w, r); err != nil {
|
||||||
panic(errors.Wrap(err, "could not save session"))
|
panic(errors.Wrap(err, "could not save session"))
|
||||||
}
|
}
|
||||||
|
|
||||||
authCodeOptions := []oauth2.AuthCodeOption{}
|
authCodeOptions := []oauth2.AuthCodeOption{}
|
||||||
|
authCodeOptions = append(authCodeOptions, oidc.Nonce(nonce))
|
||||||
authCodeURL := c.oauth2.AuthCodeURL(
|
authCodeURL := c.oauth2.AuthCodeURL(
|
||||||
state,
|
state,
|
||||||
authCodeOptions...,
|
authCodeOptions...,
|
||||||
|
|
|
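Review bot: The nonce saved under `SessionOIDCNonceKey` and sent with `oidc.Nonce(nonce)` only protects against ID-token replay if the callback handler compares it with the `nonce` claim of the returned token, and no hunk on this page adds that comparison. go-oidc's verifier leaves the nonce check to the caller, so after verifying the ID token the callback should read the stored value back from the session and reject a mismatch, e.g. `if idToken.Nonce != expectedNonce { http.Error(w, "invalid nonce", http.StatusBadRequest); return }`, where `expectedNonce` is a placeholder for the session value. The callback should then remove the key from the session so each nonce is accepted only once. Login's body starts and ends outside the hunk and the callback is not shown here, so the check may already exist elsewhere.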
@ -14,6 +14,7 @@ import (
|
||||||
const (
|
const (
|
||||||
SessionIDTokenKey = "oidc-id-token"
|
SessionIDTokenKey = "oidc-id-token"
|
||||||
SessionOIDCStateKey = "oidc-state"
|
SessionOIDCStateKey = "oidc-state"
|
||||||
|
SessionOIDCNonceKey = "oidc-nonce"
|
||||||
)
|
)
|
||||||
|
|
||||||
func init() {
|
func init() {
|
||||||
|
|