cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix state handling in auth request

Browse source
This commit is contained in:
Livio Amstutz 2020-09-15 08:06:18 +02:00
parent 3c2ad6a53d
commit 2dfdaa2223
2 changed files with 7 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

3
pkg/rp/relaying_party.go
View file

@ -230,9 +230,10 @@ func AuthURL(state string, rp RelayingParty, opts ...AuthURLOpt) string {
//AuthURLHandler extends the `AuthURL` method with a http redirect handler
//including handling setting cookie for secure `state` transfer
func AuthURLHandler(state string, rp RelayingParty) http.HandlerFunc {
func AuthURLHandler(stateFn func() string, rp RelayingParty) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
opts := make([]AuthURLOpt, 0)
state := stateFn()
if err := trySetStateCookie(w, state, rp); err != nil {
http.Error(w, "failed to create state cookie: "+err.Error(), http.StatusUnauthorized)
return