esoko/rvr-nextgen
esoko/rvr-nextgen
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 5 Wiki Activity

make nonce optional

Browse Source
This commit is contained in:
Bence Pőcze 2025-08-20 01:17:37 +02:00
parent 6e1ee839ba
commit 8cacbfcb62
Signed by: bence
GPG Key ID: DC5BD6E95A333E6D
4 changed files with 9 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
database/migrations/structure/20250820_0113_oauth_nonce_null.sql Normal file
View File

@ -0,0 +1,2 @@
ALTER TABLE `oauth_sessions`
MODIFY `nonce` varchar(255) CHARACTER SET ascii COLLATE ascii_bin DEFAULT NULL;

4
src/Controller/OAuthController.php
View File

@ -109,8 +109,10 @@ class OAuthController
'nbf' => $session->getCreatedDate()->getTimestamp(), 'nbf' => $session->getCreatedDate()->getTimestamp(),
'exp' => $token->getExpiresDate()->getTimestamp(), 'exp' => $token->getExpiresDate()->getTimestamp(),
'aud' => $session->getClientId(), 'aud' => $session->getClientId(),
'nonce' => $session->getNonce()
]; ];
if ($session->getNonce() !== null) {
$commonPayload['none'] = $session->getNonce();
}
$idTokenPayload = array_merge($commonPayload, $this->getUserInfoInternal( $idTokenPayload = array_merge($commonPayload, $this->getUserInfoInternal(
$this->userRepository->getById($session->getUserId()), $this->userRepository->getById($session->getUserId()),
$session->getScopeArray()) $session->getScopeArray())

2
src/Controller/OAuthSessionController.php
View File

@ -29,7 +29,7 @@ class OAuthSessionController implements IAuthenticationRequired
$clientId = \Container::$request->query('client_id'); $clientId = \Container::$request->query('client_id');
$scope = \Container::$request->query('scope') ? \Container::$request->query('scope'): ''; $scope = \Container::$request->query('scope') ? \Container::$request->query('scope'): '';
$state = \Container::$request->query('state'); $state = \Container::$request->query('state');
$nonce = \Container::$request->query('nonce') ? \Container::$request->query('nonce'): ''; $nonce = \Container::$request->query('nonce') ? \Container::$request->query('nonce'): null;
$codeChallenge = \Container::$request->query('code_challenge') ?: null; $codeChallenge = \Container::$request->query('code_challenge') ?: null;
$codeChallengeMethod = \Container::$request->query('code_challenge_method') ?: null; $codeChallengeMethod = \Container::$request->query('code_challenge_method') ?: null;

6
src/PersistentData/Model/OAuthSession.php
View File

@ -19,7 +19,7 @@ class OAuthSession extends Model
private array $scope = []; private array $scope = [];
private string $nonce = ''; private ?string $nonce = '';
private ?string $codeChallenge = null; private ?string $codeChallenge = null;
@ -52,7 +52,7 @@ class OAuthSession extends Model
$this->setScopeArray(explode(' ', $scope)); $this->setScopeArray(explode(' ', $scope));
} }
public function setNonce(string $nonce): void public function setNonce(?string $nonce): void
{ {
$this->nonce = $nonce; $this->nonce = $nonce;
} }
@ -125,7 +125,7 @@ class OAuthSession extends Model
return $this->scope; return $this->scope;
} }
public function getNonce(): string public function getNonce(): ?string
{ {
return $this->nonce; return $this->nonce;
} }