llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-07-03 12:30:19 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: add PKCE support (#434)

Browse Source 
* feat: add PKCE support

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: error output when challenge is empty

Signed-off-by: Steve0x2a <stevesough@gmail.com>
This commit is contained in:
Steve0x2a
2022-01-21 09:29:19 +08:00
committed by GitHub
parent 339a85e4b0
commit 630b84f534
5 changed files with 68 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
controllers/token.go
View File

@ -142,7 +142,15 @@ func (c *ApiController) GetOAuthCode() {
state := c.Input().Get("state")
nonce := c.Input().Get("nonce")
c.Data["json"] = object.GetOAuthCode(userId, clientId, responseType, redirectUri, scope, state, nonce)
challengeMethod := c.Input().Get("code_challenge_method")
codeChallenge := c.Input().Get("code_challenge")
if challengeMethod != "S256" && challengeMethod != "null" {
c.ResponseError("Challenge method should be S256")
return
}
c.Data["json"] = object.GetOAuthCode(userId, clientId, responseType, redirectUri, scope, state, nonce, codeChallenge)
c.ServeJSON()
}
@ -161,12 +169,13 @@ func (c *ApiController) GetOAuthToken() {
clientId := c.Input().Get("client_id")
clientSecret := c.Input().Get("client_secret")
code := c.Input().Get("code")
verifier := c.Input().Get("code_verifier")
if clientId == "" && clientSecret == "" {
clientId, clientSecret, _ = c.Ctx.Request.BasicAuth()
}
c.Data["json"] = object.GetOAuthToken(grantType, clientId, clientSecret, code)
c.Data["json"] = object.GetOAuthToken(grantType, clientId, clientSecret, code, verifier)
c.ServeJSON()
}