-
Notifications
You must be signed in to change notification settings - Fork 92
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update auth params method to add filters #716
Conversation
@@ -46,49 +46,6 @@ function( $default_scope, $context ) { | |||
$this->assertEquals( 'openid email profile auth0', $scope ); | |||
} | |||
|
|||
/** |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Split out into different tests in the class added below 👇
] | ||
) | ||
); | ||
if ( empty( $filtered_params['state'] ) ) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This allows backwards-compat with anyone generating their own state.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nonce can be customized?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
State-level unique value can be (default generated state would always be the same value if not). Use case here is for adding values, though.
|
||
if ( $is_implicit ) { | ||
$params['nonce'] = $nonce; | ||
$params['response_mode'] = 'form_post'; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No longer an option? 🤔
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Moved up to be more explicit
] | ||
) | ||
); | ||
if ( empty( $filtered_params['state'] ) ) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nonce can be customized?
@lbalmaceda - Not urgent but ping for you here :) |
Changes
auth0_authorize_url_params
before state is generated and decodedauth0_authorize_state
to modify state contents before decodingTesting
Checklist