whs-authz-authn/oauth-backend
1
0
Fork 0
mirror of https://github.com/j93es/oauth-backend.git synced 2026-06-04 21:21:26 +09:00
Code Issues Projects Releases Packages Wiki Activity

Update nonce_check.py

Browse source
This commit is contained in:
sultanofdisco 2025-06-10 02:13:29 +09:00
commit 2bb887939a
1 changed files with 9 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

19
addon/nonce_check.py
View file

@ -40,14 +40,13 @@ class NonceChecker:
"""
res = flow.response
# 1. JSON 응답에 id_token 있음
try:
if "application/json" in res.headers.get("content-type", ""):
if "application/json" in res.headers.get("content-type", ""):
try:
data = res.json()
return data.get("id_token")
else:
return None
except Exception:
pass
except Exception:
pass
# 2. Location 헤더에서 id_token 파싱 (예: #id_token=...&access_token=...)
location = res.headers.get("location", "")
@ -66,7 +65,7 @@ class NonceChecker:
def decode_id_token(self, flow) -> dict:
res = flow.response
id_token = self.extract_id_token(res)
id_token = self.extract_id_token(flow)
if not id_token:
return {}
try:
@ -85,12 +84,12 @@ class NonceChecker:
parsed = urlparse(url)
fragment_params = parse_qs(parsed.fragment)
if "id token" in fragment_params:
if "id_token" in fragment_params:
# id_token이 fragment에 있는 경우
id_token = fragment_params["id token"][0]
id_token = fragment_params["id_token"][0]
return True
id_token = self.extract_id_token(res)
id_token = self.extract_id_token(flow)
decoded = self.decode_id_token(id_token)
nonce = decoded.get("nonce")