omniauth / omniauth-oauth2

An abstract OAuth2 strategy for OmniAuth.
MIT License

CSRF protection bypassed. #101

Open ehsahil opened 7 years ago

ehsahil commented 7 years ago

Hi,

I previously submitted this issue to OmniAuth via GitHub; yesterday they told me to submit it to you.

Here is the original content of the issue. Please let me know if you need to know anything on this issue.

I found a CSRF issue with omniauth. Actually, there is no validation of the state token done during the execution of the OAuth callback.

Following is the request link for login into the forum after the authorization from auth-client getpebble.com:

https://forums.host.com/auth/oauth2_basic/callback?code=261b8f5d8a998d19124107b8dd1d74d6f0088168577d02576325f0cb3b9dbd14&state=75f3a680522122b3683d6984000e4fd3310f41f8d13bf857

See, the above endpoint is protected from the CSRF issue with a verification token named "state".

But,

The application is not properly validating the presence of the state token during the execution.

This protection can be easily bypassed by just deleting the state token from the request to perform CSRF exploitation.

The bypass for this CSRF protection will look like this (without the state token):

https://forums.host.com/auth/oauth2_basic/callback?code=261b8f5d8a998d19124107b8dd1d74d6f0088168577d02576325f0cb3b9dbd14&state=

Please fix this issue by validating the state token properly before executing the request.

Please also let me know anything you need to know about this issue.

Thanks, Sahil Saif
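The report above turns on one detail: whether the callback rejects a request whose `state` parameter is absent or empty, or only compares `state` when one happens to be present. The following Ruby snippet is an added illustration, not omniauth-oauth2's own code, showing a presence-only check (the pattern the report describes) beside a strict check that requires a non-empty, session-bound, single-use `state` and compares it in constant time. The parameter and session key names (`"state"`, `"oauth_state"`) and the hash-based session are assumptions made for the example.

```ruby
require "securerandom"

# Called when the authorization request is built: mint a random state,
# remember it in the session, and return it for the redirect URL.
# (Assumed shape: session is a Hash-like object; key name is an example.)
def begin_authorization(session)
  state = SecureRandom.hex(24)
  session["oauth_state"] = state
  state
end

# Weak check (the behaviour the report describes): the comparison only runs
# when a state value is present, so an absent or empty state is accepted.
def weak_state_valid?(params, session)
  state = params["state"]
  return true if state.nil? || state.empty?   # defect: missing state passes
  state == session["oauth_state"]
end

# Constant-time byte comparison so a mismatch position is not leaked via timing.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Strict check: the session must hold a state from a flow we started, the
# request must carry a non-empty state, the two must match in constant time,
# and the stored value is consumed so the same callback cannot be replayed.
def strict_state_valid?(params, session)
  expected = session.delete("oauth_state")
  received = params["state"]
  return false if expected.nil? || expected.empty?
  return false if received.nil? || received.empty?
  secure_compare(received, expected)
end

# Constructed sample callbacks mirroring the two URLs in the report:
# one with the state present, one with "state=" emptied out.
def demo
  session = {}
  state = begin_authorization(session)
  with_state = { "code" => "constructed-code", "state" => state }
  no_state   = { "code" => "constructed-code", "state" => "" }
  {
    weak_accepts_empty_state:   weak_state_valid?(no_state, session.dup),
    strict_rejects_empty_state: !strict_state_valid?(no_state, session.dup),
    strict_accepts_real_state:  strict_state_valid?(with_state, session.dup)
  }
end

puts demo.inspect if $PROGRAM_NAME == __FILE__
```

The strict variant also fails closed when the session carries no `oauth_state` at all, which covers a callback that arrives without a preceding authorization request from this browser; that case is what the missing-parameter bypass in the report relies on.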

gencer commented 7 years ago

@bewithsahilsaif When I pause on the callback event, if I change the state code or remove it as you showed, it shows a CSRF error. No matter what I do, it always throws a CSRF error. When I re-add the correct state code, it just logs in and works perfectly.

Does this issue still persist? If so, where does it come from? I would like to fix it or have a look at this with my own repo clone.

Note: I do not use third-party authentication such as Facebook or Google. I use the rails-sso-provider and rails-sso-client repos for my own auth.