Merge branch 'main' into gyu

2026-06-04 08:01:51 +09:00 · 2025-06-11 12:28:24 +09:00 · 2025-06-11 12:28:24 +09:00 · ef61667cfe
commit ef61667cfe
parent 7ac749fa36 30e2730cb1
4 changed files with 215 additions and 3 deletions
--- a/addon/init.py
+++ b/addon/init.py
@ -5,6 +5,7 @@ from ScopeDetection import ScopeDetection
 from csrf_check import CsrfChecker
 from nonce_check import NonceChecker
 from redirect_uri_check import RedirectBypassChecker
+from access_token import AccessTokenScanner

 class PKCEAddon:
    def __init__(self):
@ -57,11 +58,24 @@ class NonceAddon:

    async def response(self, flow: http.HTTPFlow):
        try:
-            await self.checker.response(flow)
+            pass
+            # TODO id_token을 파싱하는 부분이 누락되어있습니다.
+            # await self.checker.check_nonce_in_id_token(flow)
        except Exception as e:
            print(f"[ERROR] NonceAddon failed: {e}")
            pass

+class AccessTokenAddon:
+    def __init__(self):
+        self.checker = AccessTokenScanner()
+
+    async def response(self, flow: http.HTTPFlow):
+        try:
+            await self.checker.scan(flow)
+        except Exception as e:
+            print(f"[ERROR] AccessToken Addon failed: {e}")
+            pass
+
 class RedirectBypassAddon:
    def __init__(self):
        self.checker = RedirectBypassChecker()
@ -73,4 +87,4 @@ class RedirectBypassAddon:
        except Exception as e:
            print(f"[ERROR] RedirectBypass Addon failed: {e}")

-addons = [PKCEAddon(), ScopeAddon(), CsrfAddon(), NonceAddon(), RedirectBypassAddon()]
+addons = [PKCEAddon(), ScopeAddon(), CsrfAddon(), NonceAddon(), AccessTokenAddon(), RedirectBypassAddon()]