diff --git a/dist/plugin_package.zip b/dist/plugin_package.zip index b24f0ab..2818467 100644 Binary files a/dist/plugin_package.zip and b/dist/plugin_package.zip differ diff --git a/packages/backend/src/index.ts b/packages/backend/src/index.ts index c7a4a4e..a24d2c7 100644 --- a/packages/backend/src/index.ts +++ b/packages/backend/src/index.ts @@ -8,8 +8,8 @@ import { PKCECheck } from "./controller/PKCECheck"; export type API = DefineAPI<{}>; const csrfCheck = new CsrfCheck(); -const implicitGrantController = new ImplicitGrantController(); -const authZCodeGrantController = new AuthZCodeGrantController(); +// const implicitGrantController = new ImplicitGrantController(); +// const authZCodeGrantController = new AuthZCodeGrantController(); const pkceCheckController = new PKCECheck(); export function init(sdk: SDK) { @@ -29,20 +29,21 @@ export function init(sdk: SDK) { sdk.events.onInterceptResponse( async (sdk: SDK, {}>, req: Request, resp: Response) => { await csrfCheck.checker(sdk, req, resp); - sdk.events.onInterceptRequest(async (sdk, req: Request) => { - const result = - authZCodeGrantController.testReq(req) || - implicitGrantController.testReq(req); - - if (result) { await pkceCheckController.test(sdk, req); + // sdk.events.onInterceptRequest(async (sdk, req: Request) => { + // const result = + // authZCodeGrantController.testReq(req) || + // implicitGrantController.testReq(req); - await sdk.findings.create({ - title: "Possible SSO Request Detected", - description: `SSO-related parameters detected in request:\n\n${req.getMethod()} ${req.getUrl()} : ${result}`, - request: req, - reporter: "", - }); + // if (result) { + // await pkceCheckController.test(sdk, req); + + // await sdk.findings.create({ + // title: "Possible SSO Request Detected", + // description: `SSO-related parameters detected in request:\n\n${req.getMethod()} ${req.getUrl()} : ${result}`, + // request: req, + // reporter: "", + // }); } ); }