sendnrw/pocket-id
2
0
Fork 0
mirror of https://github.com/pocket-id/pocket-id.git synced 2026-05-16 01:49:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

add support for response_mode=form_post

Browse Source
This commit is contained in:
John van der Wulp
2026-03-04 13:21:44 +01:00
parent 27ca713cd4
commit 1ea5eec7d2
7 changed files with 86 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
backend/internal/controller/oidc_controller.go
View File

@@ -94,6 +94,11 @@ func (oc *OidcController) authorizeHandler(c *gin.Context) {
return
}
// Set the allowed form-action in CSP when response_mode is form_post
if input.ResponseMode == "form_post" && input.CallbackURL != "" {
middleware.SetAllowedFormAction(c, input.CallbackURL)
}
code, callbackURL, err := oc.oidcService.Authorize(c.Request.Context(), input, c.GetString("userID"), c.ClientIP(), c.Request.UserAgent())
if err != nil {
_ = c.Error(err)