Closed pinnprophead closed 9 years ago
I made minor changes to the component, tested and it works with the nonce attribute (and default value) added.
Thank pinnprophead - I'll get a fix in place hopefully this weekend.
Now in the package and I've tested it with IdentityServer3 functions that require state.
I think a nonce (number used once) attribute would be required for IdentityServer3. When asking for openid scope, IdentityServer3 returns an error that says "nonce required."
The thinktecture guys had this handy function for the (default) value of nonce:
function rand() { return ((Date.now() + Math.random()) * Math.random()).toString().replace(".",""); }
They used it for the "state" value as well.