From f6ff1108572952771ee2012026713eb278893890 Mon Sep 17 00:00:00 2001 From: kmpm Date: Wed, 11 Nov 2020 13:41:31 +0100 Subject: [PATCH] feat: optional required nounce And make default false --- website/oauth2.py | 2 +- website/settings.py | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/website/oauth2.py b/website/oauth2.py index 955360c..cec29a9 100644 --- a/website/oauth2.py +++ b/website/oauth2.py @@ -122,7 +122,7 @@ def config_oauth(app): # support all openid grants authorization.register_grant(AuthorizationCodeGrant, [ - OpenIDCode(require_nonce=True), + OpenIDCode(require_nonce=app.config['REQUIRE_NONCE']), ]) authorization.register_grant(ImplicitGrant) authorization.register_grant(HybridGrant) diff --git a/website/settings.py b/website/settings.py index 3d15b10..5fcf840 100644 --- a/website/settings.py +++ b/website/settings.py @@ -3,3 +3,5 @@ OAUTH2_JWT_ISS = 'https://authlib.org' OAUTH2_JWT_KEY = 'secret-key' OAUTH2_JWT_ALG = 'HS256' + +REQUIRE_NONCE = False