From 0f227323e678cc538723dc162a136976675d550c Mon Sep 17 00:00:00 2001
From: Yuval Marcus <ymarcus93@gmail.com>
Date: Tue, 23 Apr 2024 14:31:10 -0400
Subject: [PATCH] Skip nonce check if verifier nonce func is nil

---
 pkg/client/rp/verifier.go | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/pkg/client/rp/verifier.go b/pkg/client/rp/verifier.go
index 5a07d8a..ca59454 100644
--- a/pkg/client/rp/verifier.go
+++ b/pkg/client/rp/verifier.go
@@ -73,8 +73,10 @@ func VerifyIDToken[C oidc.Claims](ctx context.Context, token string, v *IDTokenV
 		return nilClaims, err
 	}
 
-	if err = oidc.CheckNonce(claims, v.Nonce(ctx)); err != nil {
-		return nilClaims, err
+	if v.Nonce != nil {
+		if err = oidc.CheckNonce(claims, v.Nonce(ctx)); err != nil {
+			return nilClaims, err
+		}
 	}
 
 	if err = oidc.CheckAuthorizationContextClassReference(claims, v.ACR); err != nil {