dkam/clinch
1
0
Fork 0
Code Issues 2 Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Bug fix for domain names with empty string instead of null. Form errors and some security fixes
Some checks failed
CI / scan_ruby (push) Has been cancelled
Details
CI / scan_js (push) Has been cancelled
Details
CI / lint (push) Has been cancelled
Details
CI / test (push) Has been cancelled
Details
CI / system-test (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Dan Milne
2025-11-09 12:22:41 +11:00
parent d9f11abbbf
commit 4df2eee4d9
6 changed files with 28 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/controllers/oidc_controller.rb
View File

@@ -408,9 +408,7 @@ class OidcController < ApplicationController
when "plain"
code_verifier
when "S256"
Digest::SHA256.base64digest(code_verifier)
.tr("+/", "-_")
.tr("=", "")
Base64.urlsafe_encode64(Digest::SHA256.digest(code_verifier), padding: false)
else
return {
valid: false,