nonceCheck

OIDC flow인지 확인하고 ID token을 디코딩한 후 nonce의 유무를 확인한다
sultanofdisco 2025-06-08 20:56:10 +09:00
commit 4f6f2519b3
4 changed files with 113 additions and 1 deletions


@ -3,6 +3,7 @@ import asyncio
from pkce_check import PKCEDowngradeChecker
from ScopeDetection import ScopeDetection
from csrf_check import CsrfChecker
from nonce_check import NonceChecker
class PKCEAddon:
def __init__(self):
@ -49,4 +50,15 @@ class ScopeAddon:
except Exception as e:
print(f"[ERROR] ScopeDetection failed: {e}")
addons = [PKCEAddon(), ScopeAddon(), CsrfAddon()]
class NonceAddon:
def __init__(self):
self.checker = NonceChecker()
async def response(self, flow: http.HTTPFlow):
try:
await self.checker.response(flow)
except Exception as e:
print(f"[ERROR] NonceAddon failed: {e}")
pass
addons = [PKCEAddon(), ScopeAddon(), CsrfAddon(), NonceAddon()]
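Review bot: The `except Exception` in `NonceAddon.response` fails open: if `NonceChecker.response` raises (for instance on an ID token that does not decode, which is inferred from the commit description since the checker itself is outside this section), the only trace is a one-line print, and the flow is then indistinguishable from one that passed the nonce check. Put the affected flow and the exception type in the message, e.g. `print(f"[ERROR] NonceAddon failed for {flow.request.pretty_url}: {e!r}")`, and drop the trailing `pass`, which does nothing after the print. The `ScopeAddon` handler visible at the top of this hunk has the same pattern; its body starts outside the hunk. A one-line docstring on the class, such as `"""Addon that runs NonceChecker on every response."""`, would also make its role in the `addons` list clear.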