whs-authz-authn/caido-plugin-test
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update index.ts

Browse source
This commit is contained in:
sultanofdisco 2025-06-07 13:46:48 +09:00
commit 1a9d227fe6
1 changed files with 9 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

18
packages/backend/src/index.ts
View file

@ -15,6 +15,7 @@ const csrfCheck = new CsrfCheck();
const pkceCheckController = new PKCECheck();
const tokenCheck = new AccessTokenLeakController();
const ScopeDetectionController = new ScopeDetection();
// const nonceCheckController = new NonceCheckController();
const redirectBypassController = new RedirectBypassController();
export function init(sdk: SDK<API>) {
@ -25,15 +26,14 @@ export function init(sdk: SDK<API>) {
await ScopeDetectionController.scan(sdk, req.getUrl());
await redirectBypassController.testAsync(sdk, req, res);
// isOidcFlow는 비동기 메서드로 변경
if (await NonceCheckController.isOidcFlow(req, res)) {
await sdk.findings.create({
title: "OIDC Flow Detected",
description: "The request appears to be part of an OIDC flow.",
request: req,
reporter: "",
});
}
if (NonceCheckController.isOidcFlow(req, res)) {
await sdk.findings.create({
title: "OIDC Flow Detected",
description: "The request appears to be part of an OIDC flow.",
request: req,
reporter: "",
});
}
});
sdk.events.onInterceptRequest(async (sdk, req: Request) => {