whs-authz-authn/oauth-backend
1
0
Fork 0
mirror of https://github.com/j93es/oauth-backend.git synced 2026-06-04 01:21:51 +09:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #27 from j93es/gyu

Browse source
This commit is contained in:
James 2025-07-30 21:08:56 +09:00 committed by GitHub
commit 3018b4fd23
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 1726 additions and 1406 deletions
Download patch file Download diff file Expand all files Collapse all files

8
addon/init.py
View file

@ -4,7 +4,7 @@ from pkce_check import PKCEDowngradeChecker
from addon.scope_detection import ScopeDetection
from csrf_check import CsrfChecker
from client_secret import ClientSecret
from redirect_uri_check import RedirectBypassChecker
from addon.open_redirect_check import OpenRedirectChecker
from access_token import AccessTokenScanner
from addon.google_login_hint import GoogleLoginHint
from addon.google_response_type_token import GoogleResponseTypeToken
@ -18,6 +18,8 @@ false_true_varifing_task = FalseTrueVarifingTask()
load_dotenv(override=True)
_open_redirect_checker = OpenRedirectChecker()
class AddonBase:
"""
Base class for addons.
@ -62,8 +64,6 @@ class AddonBase:
return False
async def request(self, flow: http.HTTPFlow):
if self.google_login_hint:
await try_catch(self.google_login_hint.request(flow))
@ -85,8 +85,8 @@ class AddonBase:
try_catch(ScopeDetection().test(flow)),
try_catch(ClientSecret().test(flow)),
try_catch(AccessTokenScanner().scan(flow)),
try_catch(RedirectBypassChecker().test(flow)),
try_catch(GoogleResponseTypeToken().test(flow)),
try_catch(_open_redirect_checker.test(flow)),
]
await asyncio.gather(*tasks)

1722
addon/open_redirect_check.py Normal file
View file

File diff suppressed because it is too large Load diff

1402
addon/redirect_uri_check.py
View file

File diff suppressed because it is too large Load diff