3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-07-29 14:39:40 +02:00
Code Issues Projects Releases Packages Wiki Activity

save session in the authorization request

Browse source
This commit is contained in:
Denis Mishin 2025-04-24 11:11:50 -04:00
parent 52af622cc4
commit 42e1d462da
5 changed files with 69 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

3
internal/oauth21/authorize.go
View file

@ -12,7 +12,7 @@ import (
// ParseCodeGrantAuthorizeRequest parses the authorization request for the code grant flow.
// see https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-12#section-4.1.1
// scopes are ignored
func ParseCodeGrantAuthorizeRequest(r *http.Request) (*gen.AuthorizationRequest, error) {
func ParseCodeGrantAuthorizeRequest(r *http.Request, sessionID string) (*gen.AuthorizationRequest, error) {
if err := r.ParseForm(); err != nil {
return nil, fmt.Errorf("failed to parse form: %w", err)
}
@ -24,6 +24,7 @@ func ParseCodeGrantAuthorizeRequest(r *http.Request) (*gen.AuthorizationRequest,
State: optionalFormParam(r, "state"),
CodeChallenge: r.Form.Get("code_challenge"),
CodeChallengeMethod: optionalFormParam(r, "code_challenge_method"),
SessionId: sessionID,
}
if err := protovalidate.Validate(v); err != nil {