nonce check

oidc flow인지 check하고, nonce 유무를 체크한다

packages/backend/src/controller/nonceCheck.ts

@@ -0,0 +1,33 @@
+import type { Request } from "caido:utils";
+import { TokenLeakCheck } from "./tokenLeakCheck";
+
+export class NonceCheckController{
+    /**
+     * 응답이 OIDC(OpenID Connect) 플로우인지 확인하는 메서드
+     */
+    
+    public static isOidcFlow(req: Request): boolean {
+        if(TokenLeakCheck.extractIdToken(req)) {
+            return true;
+        }
+        return false;
+    }
+
+  
+    public static isNonceCheckRequest(req: Request): boolean {
+        const id_token = decodeIdToken(req);
+
+        // 1. nonce 파라미터가 포함된 요청인지 확인
+        if (id_token.includes("nonce=")) {
+            return true;
+        }
+
+        return false;
+    }
+}
+
+function decodeIdToken(req: Request): string {
+    // Implement actual decoding logic here. For now, return an empty string or mock value.
+    return "";
+}
+