barbercollie/tinyauth
1
0
Fork 1
mirror of https://github.com/steveiliop56/tinyauth.git synced 2026-03-12 09:42:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: validate client id on oidc token endpoint

Browse Source
This commit is contained in:
Stavros
2026-03-11 16:48:04 +02:00
parent f1e869a920
commit b2a1bfb1f5
5 changed files with 27 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
internal/service/oidc_service.go
View File

@@ -352,7 +352,7 @@ func (service *OIDCService) ValidateGrantType(grantType string) error {
return nil
}
func (service *OIDCService) GetCodeEntry(c *gin.Context, codeHash string) (repository.OidcCode, error) {
func (service *OIDCService) GetCodeEntry(c *gin.Context, codeHash string, clientId string) (repository.OidcCode, error) {
oidcCode, err := service.queries.GetOidcCode(c, codeHash)
if err != nil {
@@ -374,6 +374,10 @@ func (service *OIDCService) GetCodeEntry(c *gin.Context, codeHash string) (repos
return repository.OidcCode{}, ErrCodeExpired
}
if oidcCode.ClientID != clientId {
return repository.OidcCode{}, ErrInvalidClient
}
return oidcCode, nil
}