Description
Fix #339
Depends on #343
Add state and nonce verification and integration test in OIDC.
Implementation details
State
Ref: https://developers.google.com/identity/openid-connect/openid-connect#server-flow
Correct implementation of OIDC:
OidcCookie
state
Nonce
Ref: https://openid.net/specs/openid-connect-core-1_0-17_orig.html#NonceNotes
The nonce parameter value needs to include per-session state and be unguessable to attackers. One method to achieve this for Web Server Clients is to store a cryptographically random value as an HttpOnly session cookie and use a cryptographic hash of the value as the nonce parameter. In that case, the nonce in the returned ID Token is compared to the hash of the session cookie to detect ID Token replay by third parties.
Implemented by this PR using nonce, hashNonce() and OidcCookie.
Release notes
( ) Release notes are required, with the following suggested text:
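The cookie-plus-hash nonce scheme quoted from the spec above, as an added example that is not the PR's or the project's code: the session store and the ID Token claims are constructed Python stand-ins, and hash_nonce, begin_login, finish_login and the cookie keys are assumed names rather than the PR's hashNonce() and OidcCookie.

```python
import hashlib
import hmac
import secrets

# Added example, not the PR's code. A dict stands in for the HttpOnly session
# cookie and another dict for the claims of an already signature-verified
# ID Token; key names (oidc_nonce, oidc_state) are assumptions.


def hash_nonce(cookie_value: str) -> str:
    """Derive the nonce parameter from the random per-session cookie value."""
    return hashlib.sha256(cookie_value.encode("ascii")).hexdigest()


def begin_login() -> tuple:
    """Start an authorization request.

    Returns (cookie, auth_params): the cookie keeps the unguessable session
    value (to be set HttpOnly/Secure), the auth params carry its hash as the
    nonce parameter plus a separate random state for the callback.
    """
    session_value = secrets.token_urlsafe(32)
    state = secrets.token_urlsafe(32)
    cookie = {"oidc_nonce": session_value, "oidc_state": state}
    auth_params = {"nonce": hash_nonce(session_value), "state": state}
    return cookie, auth_params


def finish_login(cookie: dict, callback_state: str, id_token_claims: dict) -> bool:
    """Accept the ID Token only if state and nonce bind it to this session."""
    session_value = cookie.get("oidc_nonce")
    expected_state = cookie.get("oidc_state")
    if session_value is None or expected_state is None:
        return False  # no pending login in this session: nothing to bind to
    # Constant-time comparisons on bytes; a mismatch means the token or the
    # callback was not produced for this session (replay or CSRF).
    if not hmac.compare_digest(expected_state.encode(), callback_state.encode()):
        return False
    claim = str(id_token_claims.get("nonce", ""))
    if not hmac.compare_digest(hash_nonce(session_value).encode(), claim.encode()):
        return False
    # Single use: dropping the values makes a second presentation fail.
    cookie.pop("oidc_nonce")
    cookie.pop("oidc_state")
    return True
```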