fix(openid): add state in connection flow

Hivert Quentin
2025-05-20 09:08:46 +02:00
parent e36d0d219b
commit 085fc4a9eb
2 changed files with 12 additions and 3 deletions


@@ -18,6 +18,8 @@
* Boston, MA 02111-1307, USA.
*/
#import <Foundation/NSProcessInfo.h>
#import <NGObjWeb/WOHTTPConnection.h>
#import <NGObjWeb/WORequest.h>
#import <NGObjWeb/WOResponse.h>
@@ -435,6 +437,12 @@ static BOOL SOGoOpenIDDebugEnabled = YES;
nextCheckAfter: nextCheck];
}
-(NSString *) _random_state
{
return [[[NSProcessInfo processInfo] globallyUniqueString] asSHA1String];;
}
- (NSString*) loginUrl: (NSString *) oldLocation
{
NSString* logUrl;
@@ -442,6 +450,7 @@ static BOOL SOGoOpenIDDebugEnabled = YES;
logUrl = [logUrl stringByAppendingString: @"&response_type=code"];
logUrl = [logUrl stringByAppendingFormat: @"&client_id=%@", self->openIdClient];
logUrl = [logUrl stringByAppendingFormat: @"&redirect_uri=%@", oldLocation];
logUrl = [logUrl stringByAppendingFormat: @"&state=%@", [self _random_state]];
if(self->forDomain != nil && [self->forDomain length] > 0)
logUrl = [logUrl stringByAppendingFormat: @"&sogo_domain=%@", forDomain];
// logurl = [self->logurl stringByAppendingFormat: @"&state=%@", state];
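Review bot: The `state` value appended in `loginUrl:` is generated and then dropped: nothing in the visible lines stores it, so the callback has nothing to compare the returned `state` against, and the parameter gives no CSRF protection for the authorization response unless that check exists outside these hunks. `_random_state` also derives the value from `globallyUniqueString`, which is designed to be unique rather than unpredictable, and hashing it with SHA-1 adds no entropy; the value should come from a cryptographically secure random source and be bound to the user's browser session. I would generate it once into a local, persist it with the pending login, and document the contract above `_random_state`, e.g. `// state must be unguessable, stored per login attempt, and compared on the callback (RFC 6749 section 10.12)`. Minor: the `return` line ends in a stray `;;`, and the commented-out `&state=` line at the end of the hunk is now obsolete. `loginUrl:` starts and ends outside the visible hunks.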


@@ -447,9 +447,9 @@
}
else if ([authType isEqualToString: @"openid"])
{
SOGoOpenIdSession* session;
session = [SOGoOpenIdSession OpenIdSession: loginDomain];
redirectURL = [session logoutUrl];
SOGoOpenIdSession* sessionOidc;
sessionOidc = [SOGoOpenIdSession OpenIdSession: loginDomain];
redirectURL = [sessionOidc logoutUrl];
}
#if defined(SAML2_CONFIG)
else if ([authType isEqualToString: @"saml2"])