Add nonce to the auth codes

Dan Milne
2025-10-24 16:34:38 +11:00
parent 2db7f6a9df
commit 8c80343b89
3 changed files with 9 additions and 5 deletions


@@ -127,12 +127,10 @@ class OidcController < ApplicationController
code: code,
redirect_uri: oauth_params['redirect_uri'],
scope: oauth_params['scope'],
nonce: oauth_params['nonce'],
expires_at: 10.minutes.from_now
)
# Store nonce in the authorization code metadata if needed
# For now, we'll pass it through the code itself
# Clear OAuth params from session
session.delete(:oauth_params)
@@ -211,7 +209,7 @@ class OidcController < ApplicationController
)
# Generate ID token
id_token = OidcJwtService.generate_id_token(user, application)
id_token = OidcJwtService.generate_id_token(user, application, nonce: auth_code.nonce)
# Return tokens
render json: {
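Review bot: The new `generate_id_token(user, application, nonce: auth_code.nonce)` call in the second hunk passes `nil` whenever the authorization request carried no nonce (the first hunk stores `oauth_params['nonce']` unconditionally), so `OidcJwtService.generate_id_token` must omit the `nonce` claim rather than emit `"nonce": null` — that method is outside this section, so please confirm it does, or guard here with `nonce: auth_code.nonce.presence`. The nonce is a client-supplied value that is now persisted on the code and echoed into a signed token; unless it is bounded where `oauth_params` is populated, a short length check there would be worth adding. If the two comments in the first hunk (`# Store nonce in the authorization code metadata if needed` / `# For now, we'll pass it through the code itself`) survive on the new side, they are now stale and should be replaced by something like `# Persist the request nonce so it can be replayed into the ID token at exchange time`.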