Merge pull request 'Ajout du nonce à la requête de login' (#1) from nonce into master

Reviewed-on: wpetit/goweb-oidc#1
2023-03-02 15:23:09 +01:00 · 2023-03-02 15:23:09 +01:00 · 4f3ac83623
parent 50041cbc39 f9c919a2ac
commit 4f3ac83623
2 changed files with 4 additions and 1 deletions
--- a/client.go
+++ b/client.go
@ -37,15 +37,17 @@ func (c *Client) Login(w http.ResponseWriter, r *http.Request) {
 	}

 	state := uniuri.New()
+	nonce := uniuri.New()

 	sess.Set(SessionOIDCStateKey, state)
+	sess.Set(SessionOIDCNonceKey, nonce)

 	if err := sess.Save(w, r); err != nil {
 		panic(errors.Wrap(err, "could not save session"))
 	}

 	authCodeOptions := []oauth2.AuthCodeOption{}
-
+	authCodeOptions = append(authCodeOptions, oidc.Nonce(nonce))
 	authCodeURL := c.oauth2.AuthCodeURL(
 		state,
 		authCodeOptions...,
--- a/middleware.go
+++ b/middleware.go
@ -14,6 +14,7 @@ import (
 const (
 	SessionIDTokenKey   = "oidc-id-token"
 	SessionOIDCStateKey = "oidc-state"
+	SessionOIDCNonceKey = "oidc-nonce"
 )

 func init() {