Re: [PR] SLING-12714 - Impementation of OidcAuthenticationHandler (Support for PKCE, nonce in OidcAuthenticationHandler, bug fixes) [sling-org-apache-sling-auth-oauth-client]

via GitHub Fri, 23 May 2025 05:58:14 -0700


nscendoni commented on code in PR #15:
URL: 
https://github.com/apache/sling-org-apache-sling-auth-oauth-client/pull/15#discussion_r2104535220



##########
src/main/java/org/apache/sling/auth/oauth_client/impl/OidcAuthenticationHandler.java:
##########
@@ -159,11 +168,13 @@ public OidcAuthenticationHandler(@Reference(policyOption 
= ReferencePolicyOption
         this.stateManager = stateManager;
         this.idp = config.idp();
         this.callbackUri = config.callbackUri();
-        this.defaultRedirect = config.defaultRedirect();
         this.loginCookieManager = loginCookieManager;
         this.defaultConnectionName = config.defaultConnectionName();
         this.userInfoProcessor = userInfoProcessor;
         this.userInfoEnabled = config.userInfoEnabled();
+        this.checkNonce = config.checkNonce();

Review Comment:
   Yes. If the server would not support it, we would not validate the token.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Re: [PR] SLING-12714 - Impementation of OidcAuthenticationHandler (Support for PKCE, nonce in OidcAuthenticationHandler, bug fixes) [sling-org-apache-sling-auth-oauth-client]

Reply via email to