[Update] index

packages/backend/src/index.ts

@@ -8,8 +8,8 @@ import { PKCECheck } from "./controller/PKCECheck";
 export type API = DefineAPI<{}>;
 
 const csrfCheck = new CsrfCheck();
-const implicitGrantController = new ImplicitGrantController();
-const authZCodeGrantController = new AuthZCodeGrantController();
+// const implicitGrantController = new ImplicitGrantController();
+// const authZCodeGrantController = new AuthZCodeGrantController();
 const pkceCheckController = new PKCECheck();
 
 export function init(sdk: SDK<API>) {
@@ -29,20 +29,21 @@ export function init(sdk: SDK<API>) {
   sdk.events.onInterceptResponse(
     async (sdk: SDK<DefineAPI<{}>, {}>, req: Request, resp: Response) => {
       await csrfCheck.checker(sdk, req, resp);
-  sdk.events.onInterceptRequest(async (sdk, req: Request) => {
-    const result =
-      authZCodeGrantController.testReq(req) ||
-      implicitGrantController.testReq(req);
-
-    if (result) {
       await pkceCheckController.test(sdk, req);
+      // sdk.events.onInterceptRequest(async (sdk, req: Request) => {
+      //   const result =
+      //     authZCodeGrantController.testReq(req) ||
+      //     implicitGrantController.testReq(req);
 
-      await sdk.findings.create({
-        title: "Possible SSO Request Detected",
-        description: `SSO-related parameters detected in request:\n\n${req.getMethod()} ${req.getUrl()} : ${result}`,
-        request: req,
-        reporter: "",
-      });
+      //   if (result) {
+      //     await pkceCheckController.test(sdk, req);
+
+      //     await sdk.findings.create({
+      //       title: "Possible SSO Request Detected",
+      //       description: `SSO-related parameters detected in request:\n\n${req.getMethod()} ${req.getUrl()} : ${result}`,
+      //       request: req,
+      //       reporter: "",
+      //     });
     }
   );
 }