Portainer
/
portainer
mirror of https://github.com/portainer/portainer.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix(oauth): state to follow OAuth 2 RFC against CSRF

pull/3051/head
xAt0mZ 2019-07-26 18:21:23 +02:00
parent b537a9ad0d
commit a33dbd1e91
1 changed files with 0 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
app/portainer/views/auth/authController.js
View File

@ -119,18 +119,12 @@ function($async, $q, $scope, $state, $stateParams, $sanitize, Authentication, Us
}
function generateState() {
if ($scope.state.OAuthProvider !== 'OAuth') {
return '';
}
const uuid = uuidv4();
LocalStorage.storeLoginStateUUID(uuid);
return '&state=' + uuid;
}
function hasValidState(state) {
if ($scope.state.OAuthProvider !== 'OAuth') {
return true;
}
const savedUUID = LocalStorage.getLoginStateUUID();
return savedUUID === state;
}