whs-authz-authn/caido-plugin-test
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update index.ts

Browse source
This commit is contained in:
sultanofdisco 2025-06-07 13:46:48 +09:00
commit 1a9d227fe6
1 changed files with 9 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

18
packages/backend/src/index.ts
View file

@ -15,6 +15,7 @@ const csrfCheck = new CsrfCheck();
const pkceCheckController = new PKCECheck(); const pkceCheckController = new PKCECheck();
const tokenCheck = new AccessTokenLeakController(); const tokenCheck = new AccessTokenLeakController();
const ScopeDetectionController = new ScopeDetection(); const ScopeDetectionController = new ScopeDetection();
// const nonceCheckController = new NonceCheckController();
const redirectBypassController = new RedirectBypassController(); const redirectBypassController = new RedirectBypassController();
export function init(sdk: SDK<API>) { export function init(sdk: SDK<API>) {
@ -25,15 +26,14 @@ export function init(sdk: SDK<API>) {
await ScopeDetectionController.scan(sdk, req.getUrl()); await ScopeDetectionController.scan(sdk, req.getUrl());
await redirectBypassController.testAsync(sdk, req, res); await redirectBypassController.testAsync(sdk, req, res);
// isOidcFlow는 비동기 메서드로 변경 if (NonceCheckController.isOidcFlow(req, res)) {
if (await NonceCheckController.isOidcFlow(req, res)) { await sdk.findings.create({
await sdk.findings.create({ title: "OIDC Flow Detected",
title: "OIDC Flow Detected", description: "The request appears to be part of an OIDC flow.",
description: "The request appears to be part of an OIDC flow.", request: req,
request: req, reporter: "",
reporter: "", });
}); }
}
}); });
sdk.events.onInterceptRequest(async (sdk, req: Request) => { sdk.events.onInterceptRequest(async (sdk, req: Request) => {