whs-authz-authn/caido-plugin-test
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update index.ts

Browse source
This commit is contained in:
sultanofdisco 2025-06-07 13:46:48 +09:00
commit 1a9d227fe6
1 changed files with 9 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

4
packages/backend/src/index.ts
View file

@ -15,6 +15,7 @@ const csrfCheck = new CsrfCheck();
const pkceCheckController = new PKCECheck(); const pkceCheckController = new PKCECheck();
const tokenCheck = new AccessTokenLeakController(); const tokenCheck = new AccessTokenLeakController();
const ScopeDetectionController = new ScopeDetection(); const ScopeDetectionController = new ScopeDetection();
// const nonceCheckController = new NonceCheckController();
const redirectBypassController = new RedirectBypassController(); const redirectBypassController = new RedirectBypassController();
export function init(sdk: SDK<API>) { export function init(sdk: SDK<API>) {
@ -25,8 +26,7 @@ export function init(sdk: SDK<API>) {
await ScopeDetectionController.scan(sdk, req.getUrl()); await ScopeDetectionController.scan(sdk, req.getUrl());
await redirectBypassController.testAsync(sdk, req, res); await redirectBypassController.testAsync(sdk, req, res);
// isOidcFlow는 비동기 메서드로 변경 if (NonceCheckController.isOidcFlow(req, res)) {
if (await NonceCheckController.isOidcFlow(req, res)) {
await sdk.findings.create({ await sdk.findings.create({
title: "OIDC Flow Detected", title: "OIDC Flow Detected",
description: "The request appears to be part of an OIDC flow.", description: "The request appears to be part of an OIDC flow.",