-rw-r--r--app/middleware/id_token.go4
-rw-r--r--pkg/oidc/oidc.go6
2 files changed, 8 insertions, 2 deletions
diff --git a/app/middleware/id_token.go b/app/middleware/id_token.go
index f0a3c74..7d106ee 100644
--- a/app/middleware/id_token.go
+++ b/app/middleware/id_token.go
@@ -16,8 +16,8 @@ func IDToken(cfg *oidc.OpenID, parsers ...TokenParser) func(http.Handler) http.H
for _, parser := range parsers {
rawIDToken := parser(r)
if x.IsPresent(rawIDToken) {
- verifier := cfg.Provider.VerifierContext(r.Context(), cfg.OIDCConfig)
- idToken, err := verifier.Verify(r.Context(), rawIDToken.String())
+ idToken, err := cfg.ValidateIDToken(r.Context(), rawIDToken)
+
if err != nil {
log.WithFields(r.Context(), log.Fields{"error": err})
cookie.Expire(w, r, "session")
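Review bot: The added blank line after `idToken, err := cfg.ValidateIDToken(r.Context(), rawIDToken)` separates the call from its `if err != nil` check; keeping the two adjacent is the usual Go layout and makes it harder for a later edit to slip a statement between verification and the error branch. In the failure branch visible here the return value of `log.WithFields(...)` is not used, so it is worth confirming that a rejected token actually produces a log entry, since a failed ID-token verification is an event operators will want to see. The enclosing IDToken function starts and ends outside this hunk.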
diff --git a/pkg/oidc/oidc.go b/pkg/oidc/oidc.go
index b82570b..5ff8c28 100644
--- a/pkg/oidc/oidc.go
+++ b/pkg/oidc/oidc.go
@@ -33,3 +33,9 @@ func New(ctx context.Context, issuer string, clientID, clientSecret, callbackURL
},
}, nil
}
+
+func (o *OpenID) ValidateIDToken(ctx context.Context, rawIDToken RawToken) (*IDToken, error) {
+ verifier := o.Provider.VerifierContext(ctx, o.OIDCConfig)
+ idToken, err := verifier.Verify(ctx, rawIDToken.String())
+ return idToken, err
+}
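Review bot: The new exported method `ValidateIDToken` has no doc comment, and its name does not tell callers which checks it performs; I would add `// ValidateIDToken verifies rawIDToken with a verifier built from o.Provider and o.OIDCConfig. It performs no nonce check of its own.` above it. The method also builds a verifier on every call through `o.Provider.VerifierContext(ctx, o.OIDCConfig)`; if Provider is the go-oidc provider type, that probably means a fresh remote key set and a key fetch from the identity provider per request, so building the verifier once in `New` and reusing it is worth considering (most of New's body is outside this hunk). The last two lines can be collapsed to `return verifier.Verify(ctx, rawIDToken.String())`.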