
Add OAuth2 PKCE support

This commit is contained in:
Frédéric Guillot 2023-09-02 21:35:10 -07:00
parent fa1148915e
commit ff5d391701
12 changed files with 126 additions and 68 deletions


@ -4,6 +4,7 @@
package ui // import "miniflux.app/v2/internal/ui"
import (
"crypto/subtle"
"errors"
"net/http"
@ -38,7 +39,7 @@ func (h *handler) oauth2Callback(w http.ResponseWriter, r *http.Request) {
}
state := request.QueryStringParam(r, "state", "")
if state == "" || state != request.OAuth2State(r) {
if subtle.ConstantTimeCompare([]byte(state), []byte(request.OAuth2State(r))) == 0 {
logger.Error(`[OAuth2] Invalid state value: got "%s" instead of "%s"`, state, request.OAuth2State(r))
html.Redirect(w, r, route.Path(h.router, "login"))
return
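Review bot: The rewritten condition on the `if` line drops the explicit rejection of an empty state: `subtle.ConstantTimeCompare` of two empty byte slices returns 1, so a callback carrying no `state` parameter is accepted whenever `request.OAuth2State(r)` also yields an empty string (presumably the case when the session holds no stored state), whereas the old `state == ""` test refused that outright. Keep the emptiness guard in front of the constant-time comparison: `if state == "" || subtle.ConstantTimeCompare([]byte(state), []byte(request.OAuth2State(r))) == 0 {`. The log call on the following line interpolates the client-supplied `state` with `%s`; `%q` would make an empty value visible and escape control characters in the log output. oauth2Callback begins before this hunk and continues after it.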
@ -51,7 +52,7 @@ func (h *handler) oauth2Callback(w http.ResponseWriter, r *http.Request) {
return
}
profile, err := authProvider.GetProfile(r.Context(), code)
profile, err := authProvider.GetProfile(r.Context(), code, request.OAuth2CodeVerifier(r))
if err != nil {
logger.Error("[OAuth2] %v", err)
html.Redirect(w, r, route.Path(h.router, "login"))