whs-authz-authn/oauth-backend
1
0
Fork 0
mirror of https://github.com/j93es/oauth-backend.git synced 2026-06-04 05:31:51 +09:00
Code Issues Projects Releases Packages Wiki Activity

[Update] 검증 진행 로직 변경 및 csrf 로직 변경

Browse source
This commit is contained in:
tv0924@icloud.com 2025-07-02 11:40:29 +09:00
commit a1758a60d4
3 changed files with 8 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.env
View file

@ -1,2 +1,2 @@
# Google OAuth 설정 # Google OAuth 설정
GOOGLE_ID=whs.imnya.ng@gmail.com GOOGLE_ID=oauth.j93es@gmail.com

2
addon/csrf_check.py
View file

@ -9,7 +9,7 @@ from lib.utils.is_oauth_uri import is_oauth_uri
class CsrfChecker: class CsrfChecker:
nonce_params = { nonce_params = {
"state", "nonce", "as", "frame_id", "csrf_token", "csrf" "state", "nonce", "csrf_token", "csrf"
} }
def get_header(self, headers: http.Headers, name: str) -> Optional[str]: def get_header(self, headers: http.Headers, name: str) -> Optional[str]:

8
addon/init.py
View file

@ -38,6 +38,8 @@ class AddonBase:
".googlesyndication.com", ".googlesyndication.com",
"cdn.jsdelivr.net", "cdn.jsdelivr.net",
"update.googleapis.com", "update.googleapis.com",
".google-analytics.com",
".gstatic.com"
] ]
# Ignore .googleapis.com domains # Ignore .googleapis.com domains
for domain in ignore_domains: for domain in ignore_domains:
@ -62,11 +64,13 @@ class AddonBase:
async def request(self, flow: http.HTTPFlow): async def request(self, flow: http.HTTPFlow):
if false_true_varifing_task.is_verifing_false_true() or self.should_ignore(flow): if self.google_login_hint:
await try_catch(self.google_login_hint.request(flow))
if false_true_varifing_task.is_verifing_false_true():
return return
tasks = [ tasks = [
try_catch(self.google_login_hint.request(flow)) if self.google_login_hint else None,
try_catch(PKCEDowngradeChecker().test(flow)), try_catch(PKCEDowngradeChecker().test(flow)),
] ]
await asyncio.gather(*tasks) await asyncio.gather(*tasks)