Validate OIDC Session State

2018-06-21 11:31:21 +01:00 · 2018-06-21 11:31:21 +01:00 · cac2c9728d
commit cac2c9728d
parent 1b638f32ac
1 changed files with 11 additions and 0 deletions
--- a/providers/oidc.go
+++ b/providers/oidc.go
@ -128,3 +128,14 @@ func (p *OIDCProvider) createSessionState(ctx context.Context, token *oauth2.Tok
 		Email:        claims.Email,
 	}, nil
 }
+
+// ValidateSessionState checks that the session's IDToken is still valid
+func (p *OIDCProvider) ValidateSessionState(s *SessionState) bool {
+	ctx := context.Background()
+	_, err := p.Verifier.Verify(ctx, s.IDToken)
+	if err != nil {
+		return false
+	}
+
+	return true
+}