feat: add "nonce" into the OAuth and OIDC tokens, for some apps require "nonce" to integrate (#2522)

Nex Zhu
2023-12-01 18:29:39 +08:00
committed by GitHub
parent a5f9f61381
commit badfe34755
2 changed files with 4 additions and 3 deletions


@ -155,7 +155,8 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
resp = &Response{Status: "error", Msg: fmt.Sprintf("error: grant_type: %s is not supported in this application", form.Type), Data: ""}
} else {
scope := c.Input().Get("scope")
token, _ := object.GetTokenByUser(application, user, scope, c.Ctx.Request.Host)
nonce := c.Input().Get("nonce")
token, _ := object.GetTokenByUser(application, user, scope, nonce, c.Ctx.Request.Host)
resp = tokenToResponse(token)
}
} else if form.Type == ResponseTypeSaml { // saml flow
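Review bot: The rewritten call still discards its error (`token, _ := object.GetTokenByUser(...)`), so a failure while issuing the token falls straight through to `tokenToResponse(token)` with whatever `token` holds, presumably nil. Keep the error and report it in the same shape as the branch above: `token, err := object.GetTokenByUser(application, user, scope, nonce, c.Ctx.Request.Host)` followed by `if err != nil { resp = &Response{Status: "error", Msg: err.Error(), Data: ""} } else { resp = tokenToResponse(token) }`. Separately, `nonce` is read from the request with `c.Input().Get("nonce")` and handed on with no length bound visible in this hunk. Because the value ends up inside issued tokens, it is worth confirming that `GetTokenByUser` caps its size, or adding a cap here. `HandleLoggedIn` begins and ends outside the hunk, so any handling further down is not visible.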