Skip to content

Commit

Permalink
hash nonce
Browse files Browse the repository at this point in the history
  • Loading branch information
@Surio89
Surio89 authored Feb 6, 2025
1 parent 3227179 commit 0e62552
Showing 1 changed file with 6 additions and 2 deletions.
8 changes: 6 additions & 2 deletions packages/oidc_core/lib/src/endpoints/facade.dart
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
import 'dart:convert';
import 'dart:math';

import 'package:crypto/crypto.dart';
import 'package:clock/clock.dart';
import 'package:http/http.dart' as http;
import 'package:jose_plus/jose.dart';
Expand Down Expand Up @@ -118,14 +119,17 @@ class OidcEndpoints {
}

final nonce = Nonce.generate(32, Random.secure());
final bytes = utf8.encode(nonce);
final hashedNonce = sha256.convert(bytes).toString();

final stateData = OidcAuthorizeState(
id: const Uuid().v4(),
createdAt: clock.now(),
codeVerifier: codeVerifier,
codeChallenge: codeChallenge,
redirectUri: input.redirectUri,
clientId: input.clientId,
nonce: nonce,
nonce: hashedNonce,
originalUri: input.originalUri,
data: input.extraStateData,
extraTokenParams: input.extraTokenParameters,
Expand Down Expand Up @@ -166,7 +170,7 @@ class OidcEndpoints {
idTokenHint: input.idTokenHint,
loginHint: input.loginHint,
maxAge: input.maxAge,
nonce: nonce,
nonce: hashedNonce,
prompt: input.prompt,
uiLocales: input.uiLocales,
);
Expand Down

0 comments on commit 0e62552

Please sign in to comment.