Support nonce checks in OIDC Provider (#967) (7eeaea0b) · Commits · Mirrors / github.com / pusher_oauth2_proxy · GitLab

Unverified Commit 7eeaea0b authored Apr 21, 2021 by

Nick Meves Committed by GitHub Apr 21, 2021

Support nonce checks in OIDC Provider (#967)

* Set and verify a nonce with OIDC

* Create a CSRF object to manage nonces & cookies

* Add missing generic cookie unit tests

* Add config flag to control OIDC SkipNonce

* Send hashed nonces in authentication requests

* Encrypt the CSRF cookie

* Add clarity to naming & add more helper methods

* Make CSRF an interface and keep underlying nonces private

* Add ReverseProxy scope to cookie tests

* Align to new 1.16 SameSite cookie default

* Perform SecretBytes conversion on CSRF cookie crypto

* Make state encoding signatures consistent

* Mock time in CSRF struct via Clock

* Improve InsecureSkipNonce docstring

parent d3423408

Hide whitespace changes

Inline Side-by-side

mirror @mirror
mentioned in commit e3bb0385
· Apr 22, 2021

mentioned in commit e3bb0385

mentioned in commit e3bb038526022b253544ff9c803150d7b74d639e

Toggle commit list

Please register or to comment