cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: code challenge

Browse source
This commit is contained in:
Livio Amstutz 2020-02-28 18:07:01 +01:00
parent 7f486a54c4
commit c3169868d8
3 changed files with 8 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

2
pkg/oidc/code_challenge.go
View file

@ -19,7 +19,7 @@ type CodeChallenge struct {
}
func NewSHACodeChallenge(code string) string {
return utils.HashString(sha256.New(), code)
return utils.HashString(sha256.New(), code.false)
}
func VerifyCodeChallenge(c *CodeChallenge, codeVerifier string) bool {

2
pkg/oidc/token.go
View file

@ -185,7 +185,7 @@ func ClaimHash(claim string, sigAlgorithm jose.SignatureAlgorithm) (string, erro
return "", err
}
return utils.HashString(hash, claim), nil
return utils.HashString(hash, claim, true), nil
}
func timeToJSON(t time.Time) int64 {

8
pkg/utils/hash.go
View file

@ -23,8 +23,12 @@ func GetHashAlgorithm(sigAlgorithm jose.SignatureAlgorithm) (hash.Hash, error) {
}
}
func HashString(hash hash.Hash, s string) string {
func HashString(hash hash.Hash, s string, firstHalf bool) string {
hash.Write([]byte(s)) // hash documents that Write will never return an error
sum := hash.Sum(nil)[:hash.Size()/2]
size = hash.Size()
if firstHalf {
size = size / 2
}
sum := hash.Sum(nil)[:size]
return base64.RawURLEncoding.EncodeToString(sum)
}