request #9408: Prevent mix-up attacks with OpenID Connect
This should not break a provider currently used with the plugin.

For more information on the nonce parameter, please see the specification:
https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest
https://openid.net/specs/openid-connect-core-1_0.html#NonceNotes

Change-Id: Ife534cb79dfd4717056afcb9bf4352d4b5299311
Modified Files
Status | Name | Added | Removed |
---|---|---|---|
M | plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/AuthorizationDispatcher.php | +9 | −2 |
M | plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/Flow.php | +1 | −1 |
M | plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/IDTokenVerifier.php | +14 | −2 |
M | plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/SessionState.php | +18 | −4 |
M | plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/State.php | +27 | −4 |
M | plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/StateFactory.php | +18 | −8 |
M | plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/StateManager.php | +2 | −1 |
M | plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/StateStorage.php | +2 | −1 |
A | plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/Uri/Generator.php | +53 | −0 |
M | plugins/openidconnectclient/include/autoload.php | +3 | −2 |
M | plugins/openidconnectclient/include/openidconnectclientPlugin.class.php | +3 | −1 |
M | plugins/openidconnectclient/tests/Authentication/FlowTest.php | +5 | −2 |
M | plugins/openidconnectclient/tests/Authentication/IDTokenVerifierTest.php | +45 | −13 |
M | plugins/openidconnectclient/tests/Authentication/StateManagerTest.php | +6 | −4 |
M | plugins/openidconnectclient/tests/Authentication/StateTest.php | +3 | −2 |
A | plugins/openidconnectclient/tests/Authentication/Uri/GeneratorTest.php | +85 | −0 |