Commit d4f109cb authored by Jon Kåre Hellan's avatar Jon Kåre Hellan

Only include nonce if oidc implicit flow

parent f14109f7
Pipeline #14634 failed with stages
in 2 minutes and 14 seconds
......@@ -1178,15 +1178,16 @@ define('jso',['require','exports','module','./store','./utils','./Config'],funct
request = {
"response_type": "token",
"state": utils.uuid(),
"nonce": utils.uuid()
"state": utils.uuid()
};
if (opts.hasOwnProperty('response_type')) {
request.response_type = opts.response_type;
}
if request.response_type.split(/\s+/).includes("id_token") {
request.nonce = utils.uuid()
}
if (callback && typeof callback === 'function') {
utils.log("About to store a callback for later with state=" + request.state, callback);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment