From 1e7cd884ce15255bb4777faa4b4c268de3514cb5 Mon Sep 17 00:00:00 2001
From: Joel Speed
Date: Thu, 21 Jun 2018 11:31:21 +0100
Subject: [PATCH] Validate OIDC Session State
---
 providers/oidc.go | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/providers/oidc.go b/providers/oidc.go
index ccd1bbdfd..4bc2095d8 100644
--- a/providers/oidc.go
+++ b/providers/oidc.go
@@ -123,3 +123,13 @@ func (p *OIDCProvider) createSessionState(token *oauth2.Token, ctx context.Conte
 Email: claims.Email,
 }, nil
 }
+
+func (p *OIDCProvider) ValidateSessionState(s *SessionState) bool {
+ ctx := context.Background()
+ _, err := p.Verifier.Verify(ctx, s.IdToken)
+ if err != nil {
+ return false
+ }
+
+ return true
+}
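Review bot: `ValidateSessionState` calls `p.Verifier.Verify` with a bare `context.Background()`, so if the verifier has to fetch signing keys from the issuer (plausible for a remote key set, though the verifier's construction is outside this hunk) the check has no deadline and a slow or unreachable identity provider can stall the caller. Bounding it with `ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)` followed by `defer cancel()` keeps the check fail-closed without hanging; the timeout value is illustrative and `time` would need to be imported. The verification error is also discarded, so an expired token, a bad signature and a key-fetch failure are indistinguishable afterwards; logging `err` before `return false` would make rejected sessions triageable. A nil `s` panics at `s.IdToken`, so either guard it with `if s == nil { return false }` or state in a doc comment that callers must pass a non-nil session; the exported method currently has no doc comment at all.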