[KEYCLOAK-6147] Include Nonce in OIDC authentication
parent
3ade41a76d
commit
f11c24e359
1 changed files with 8 additions and 0 deletions
|
@ -59,6 +59,7 @@ import javax.ws.rs.core.UriBuilder;
|
||||||
import javax.ws.rs.core.UriInfo;
|
import javax.ws.rs.core.UriInfo;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.net.URI;
|
import java.net.URI;
|
||||||
|
import java.util.UUID;
|
||||||
import java.util.regex.Matcher;
|
import java.util.regex.Matcher;
|
||||||
import java.util.regex.Pattern;
|
import java.util.regex.Pattern;
|
||||||
|
|
||||||
|
@ -315,6 +316,13 @@ public abstract class AbstractOAuth2IdentityProvider<C extends OAuth2IdentityPro
|
||||||
uriBuilder.queryParam(OAuth2Constants.PROMPT, prompt);
|
uriBuilder.queryParam(OAuth2Constants.PROMPT, prompt);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
String nonce = request.getAuthenticationSession().getClientNote(OIDCLoginProtocol.NONCE_PARAM);
|
||||||
|
if (nonce == null || nonce.isEmpty()) {
|
||||||
|
nonce = UUID.randomUUID().toString();
|
||||||
|
request.getAuthenticationSession().setClientNote(OIDCLoginProtocol.NONCE_PARAM, nonce);
|
||||||
|
}
|
||||||
|
uriBuilder.queryParam(OIDCLoginProtocol.NONCE_PARAM, nonce);
|
||||||
|
|
||||||
String acr = request.getAuthenticationSession().getClientNote(OAuth2Constants.ACR_VALUES);
|
String acr = request.getAuthenticationSession().getClientNote(OAuth2Constants.ACR_VALUES);
|
||||||
if (acr != null) {
|
if (acr != null) {
|
||||||
uriBuilder.queryParam(OAuth2Constants.ACR_VALUES, acr);
|
uriBuilder.queryParam(OAuth2Constants.ACR_VALUES, acr);
|
||||||
|
|
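Review bot: The nonce added just before the `acr` block is sent to the upstream provider, but nothing in this one-file commit compares it with the `nonce` claim of the ID token that comes back, so unless the callback already checks it elsewhere the parameter gives no replay protection. It is also read from and written to the `OIDCLoginProtocol.NONCE_PARAM` client note, which presumably holds the nonce the downstream client sent to Keycloak; forwarding that value hands it to a third party, and storing a generated one there may put a `nonce` claim into tokens for a client that never asked for one. I would always generate a fresh value, `String nonce = UUID.randomUUID().toString();`, keep it under a broker-specific note key rather than `NONCE_PARAM`, and reject the callback when the returned claim differs. Because the class is `AbstractOAuth2IdentityProvider`, the parameter also goes to plain OAuth2 providers that may not define it, so the block may belong in the OIDC subclass. The enclosing method starts and ends outside the hunk.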