MCPcopy
hub / github.com/tinyauthapp/tinyauth / StoreCode

Method StoreCode

internal/service/oidc_service.go:314–342  ·  view source on GitHub ↗
(c *gin.Context, sub string, code string, req AuthorizeRequest)

Source from the content-addressed store, hash-verified

312}
313
314func (service *OIDCService) StoreCode(c *gin.Context, sub string, code string, req AuthorizeRequest) error {
315 // Fixed 10 minutes
316 expiresAt := time.Now().Add(time.Minute * time.Duration(10)).Unix()
317
318 entry := repository.CreateOidcCodeParams{
319 Sub: sub,
320 CodeHash: service.Hash(code),
321 // Here it's safe to split and trust the output since, we validated the scopes before
322 Scope: strings.Join(service.filterScopes(strings.Split(req.Scope, " ")), ","),
323 RedirectURI: req.RedirectURI,
324 ClientID: req.ClientID,
325 ExpiresAt: expiresAt,
326 Nonce: req.Nonce,
327 }
328
329 if req.CodeChallenge != "" {
330 if req.CodeChallengeMethod == "S256" {
331 entry.CodeChallenge = req.CodeChallenge
332 } else {
333 entry.CodeChallenge = service.hashAndEncodePKCE(req.CodeChallenge)
334 tlog.App.Warn().Msg("Received plain PKCE code challenge, it's recommended to use S256 for better security")
335 }
336 }
337
338 // Insert the code into the database
339 _, err := service.queries.CreateOidcCode(c, entry)
340
341 return err
342}
343
344func (service *OIDCService) StoreUserinfo(c *gin.Context, sub string, userContext config.UserContext, req AuthorizeRequest) error {
345 userInfoParams := repository.CreateOidcUserInfoParams{

Callers 1

AuthorizeMethod · 0.80

Calls 4

HashMethod · 0.95
filterScopesMethod · 0.95
hashAndEncodePKCEMethod · 0.95
CreateOidcCodeMethod · 0.80

Tested by

no test coverage detected