-
Notifications
You must be signed in to change notification settings - Fork 129
Nonces
Kenta Ishizaki edited this page Jun 15, 2026
·
1 revision
To support clients who send nonces you have to tweak Doorkeeper's authorization view so the parameter is passed on.
If you don't already have custom templates, run this generator in your Rails application to add them:
rails generate doorkeeper:viewsThen tweak the template as follows:
--- i/app/views/doorkeeper/authorizations/new.html.erb
+++ w/app/views/doorkeeper/authorizations/new.html.erb
@@ -26,6 +26,7 @@
<%= hidden_field_tag :state, @pre_auth.state %>
<%= hidden_field_tag :response_type, @pre_auth.response_type %>
<%= hidden_field_tag :scope, @pre_auth.scope %>
+ <%= hidden_field_tag :nonce, @pre_auth.nonce %>
<%= submit_tag t('doorkeeper.authorizations.buttons.authorize'), class: "btn btn-success btn-lg btn-block" %>
<% end %>
<%= form_tag oauth_authorization_path, method: :delete do %>
@@ -34,6 +35,7 @@
<%= hidden_field_tag :state, @pre_auth.state %>
<%= hidden_field_tag :response_type, @pre_auth.response_type %>
<%= hidden_field_tag :scope, @pre_auth.scope %>
+ <%= hidden_field_tag :nonce, @pre_auth.nonce %>
<%= submit_tag t('doorkeeper.authorizations.buttons.deny'), class: "btn btn-danger btn-lg btn-block" %>
<% end %>
</div>