projects
/
squeep-authentication-module
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
6557437
)
generate fresh state uuid instead of lifting from ctx, as requestId is migrated to...
author
Justin Wind
<justin.wind+git@gmail.com>
Sat, 10 Jun 2023 18:45:28 +0000
(11:45 -0700)
committer
Justin Wind
<justin.wind+git@gmail.com>
Sat, 10 Jun 2023 18:45:28 +0000
(11:45 -0700)
lib/session-manager.js
patch
|
blob
|
history
diff --git
a/lib/session-manager.js
b/lib/session-manager.js
index 9428203a9619243355f35fb0950f826b7b7db118..6af1017ad6c1d6a5bdfc3c7ca53fdb3d72e239ca 100644
(file)
--- a/
lib/session-manager.js
+++ b/
lib/session-manager.js
@@
-6,6
+6,7
@@
const { Communication: IndieAuthCommunication } = require('@squeep/indieauth-helper');
const { MysteryBox } = require('@squeep/mystery-box');
const { Communication: IndieAuthCommunication } = require('@squeep/indieauth-helper');
const { MysteryBox } = require('@squeep/mystery-box');
+const { randomUUID } = require('crypto');
const common = require('./common');
const Enum = require('./enum');
const Template = require('./template');
const common = require('./common');
const Enum = require('./enum');
const Template = require('./template');
@@
-180,9
+181,10
@@
class SessionManager {
if (authorizationEndpoint) {
const pkce = await IndieAuthCommunication.generatePKCE();
if (authorizationEndpoint) {
const pkce = await IndieAuthCommunication.generatePKCE();
+ const state = randomUUID();
session = {
authorizationEndpoint: authorizationEndpoint.href,
session = {
authorizationEndpoint: authorizationEndpoint.href,
- state
: ctx.requestId
,
+ state,
codeVerifier: pkce.codeVerifier,
me,
redirect,
codeVerifier: pkce.codeVerifier,
me,
redirect,