diff --git a/dist/plugin_package.zip b/dist/plugin_package.zip index 1b3f2de..fe3427f 100644 Binary files a/dist/plugin_package.zip and b/dist/plugin_package.zip differ diff --git a/packages/backend/src/controller/nonceCheck.ts b/packages/backend/src/controller/nonceCheck.ts index 383ca90..a27a4d6 100644 --- a/packages/backend/src/controller/nonceCheck.ts +++ b/packages/backend/src/controller/nonceCheck.ts @@ -1,4 +1,4 @@ -import type { Request } from "caido:utils"; +import type { Request, Response } from "caido:utils"; import { TokenLeakCheck } from "./tokenLeakCheck"; export class NonceCheckController{ @@ -6,8 +6,8 @@ export class NonceCheckController{ * 응답이 OIDC(OpenID Connect) 플로우인지 확인하는 메서드 */ - public static isOidcFlow(req: Request): boolean { - if(TokenLeakCheck.extractIdToken(req)) { + public static isOidcFlow(req: Request, res:Response): boolean { + if(TokenLeakCheck.extractIdToken(req, res)) { return true; } return false; @@ -15,10 +15,10 @@ export class NonceCheckController{ public static isNonceCheckRequest(req: Request): boolean { - const id_token = decodeIdToken(req); + const id_token = TokenLeakCheck.decodeIdToken(req); // 1. nonce 파라미터가 포함된 요청인지 확인 - if (id_token.includes("nonce=")) { + if (id_token && id_token.includes("nonce=")) { return true; } @@ -26,8 +26,4 @@ export class NonceCheckController{ } } -function decodeIdToken(req: Request): string { - // Implement actual decoding logic here. For now, return an empty string or mock value. - return ""; -} diff --git a/packages/backend/src/index.ts b/packages/backend/src/index.ts index 0ad8c01..00fdd51 100644 --- a/packages/backend/src/index.ts +++ b/packages/backend/src/index.ts 
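Review bot: The widened `isOidcFlow(req: Request, res:Response)` signature is not reflected in the doc comment above it (its opening `/**` is outside the hunk), which still describes only a response check and documents neither parameter; add `@param req the intercepted request` and `@param res the intercepted response, searched for an id_token by TokenLeakCheck.extractIdToken` in English, and put a space after the colon in `res:Response`. The if/return pair can collapse to `return Boolean(TokenLeakCheck.extractIdToken(req, res));`. Since the presence of an id_token is the only signal, a flow whose token is not visible to `extractIdToken` yields `false` — worth stating in the comment so callers do not read `false` as "not OIDC".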
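Review bot: `id_token.includes("nonce=")` searches for the query-string form of a nonce, but the value now comes from `TokenLeakCheck.decodeIdToken(req)`; if that returns a decoded JWT payload, the nonce is a JSON claim (`"nonce":"..."`) and `nonce=` will never match, so the method silently stays `false` — the return type is not in this diff, so confirm it, and if it is the payload test the claim instead: `const claims = JSON.parse(id_token) as Record<string, unknown>;` then `return typeof claims.nonce === "string" && claims.nonce.length > 0;` inside a try/catch for malformed input. Note also that `decodeIdToken(req)` only consults the request while `isOidcFlow` in the previous hunk now reads the response too, so an id_token delivered in the response body is never examined here. A present nonce claim is not the nonce check itself — replay protection is the comparison of the token's nonce with the one the client sent in the authentication request — so the `// 1.` comment should say "has a nonce claim" rather than imply validation. The method body continues past the hunk, and `id_token` should be `idToken` per TypeScript naming.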
@@ -1,5 +1,5 @@ import type { SDK, DefineAPI } from "caido:plugin"; -import type { Request } from "caido:utils"; +import type { Request, Response } from "caido:utils"; import { ImplicitGrantController } from "./controller/implictGrant"; import { AuthZCodeGrantController } from "./controller/authZCodeGrant"; import { NonceCheckController } from "./controller/nonceCheck"; @@ -8,6 +8,7 @@ export type API = DefineAPI<{}>; const implicitGrantController = new ImplicitGrantController(); const authZCodeGrantController = new AuthZCodeGrantController(); +const nonceCheckController = new NonceCheckController(); // function matchSSORequest(req: Request): boolean { // const raw = req.getRaw().toString(); @@ -28,7 +29,8 @@ const authZCodeGrantController = new AuthZCodeGrantController(); // } export function init(sdk: SDK) { - sdk.events.onInterceptRequest(async (sdk, req: Request) => { + // 요청 이벤트 + sdk.events.onInterceptRequest(async (sdk, req) => { const result = authZCodeGrantController.testReq(req) || implicitGrantController.testReq(req); @@ -41,8 +43,12 @@ export function init(sdk: SDK) { reporter: "", }); } + }); - if(NonceCheckController.isOidcFlow(req)) { + // 응답 이벤트 + sdk.events.onInterceptResponse(async (sdk, req, res) => { + + if (NonceCheckController.isOidcFlow(req, res)) { await sdk.findings.create({ title: "OIDC Flow Detected", description: "The request appears to be part of an OIDC flow.",
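Review bot: `nonceCheckController` is constructed but never used: `NonceCheckController` exposes only static methods in this diff, and the handler added in the last hunk calls `NonceCheckController.isOidcFlow(...)` statically, so `const nonceCheckController = new NonceCheckController();` is dead code that `noUnusedLocals` would flag. Drop the line, or make the call sites use the instance if that is the intended direction. The `implicitGrantController`/`authZCodeGrantController` instances above it are used via `testReq` and are fine.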
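Review bot: Dropping the `req: Request` annotation here, with the new response handler in the last hunk also unannotated, leaves no visible use of the `Request` and `Response` types that the file's first hunk imports, so that `import type` is likely unused now (unless the commented-out `matchSSORequest` is revived); either keep the annotation, `async (sdk, req: Request) =>`, or trim the import. The new `// 요청 이벤트` comment only names the event; say what the handler does, e.g. `// Request interception: run the grant-type checks and record a finding on a match`.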
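Review bot: The finding's description still reads `"The request appears to be part of an OIDC flow."` although detection now runs in `onInterceptResponse` on the response's id_token; reword to `description: "The response carries an id_token, indicating an OIDC flow."`. Because this fires for every intercepted response that `isOidcFlow` matches, expect one finding per response in the same flow — if `sdk.findings` offers no dedup, keying on request host and path before `create` is worth adding (the remainder of `findings.create` and the handler's closing lie outside the hunk). Whatever `extractIdToken` returns is a bearer credential; keep it out of the finding text if the description is later made dynamic, since it would be persisted with the finding. The inner `sdk` parameter shadows the outer one, a pre-existing pattern carried into the new handler; renaming it to `_sdk` or using the outer binding avoids confusion.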