A backend for performing forward authentication with Auth0 using the Traefik reverse proxy.
GNU General Public License v3.0
86
stars
16
forks
source link
Should compare sub in access_token and id_token to verify that it is from the same user to prevent that a user can impersonate another user. #124
Open
dniel opened 5 years ago
verify both tokens, and check that the sub fields is the same in both.