Compare commits
2 Commits
071324d199
...
8f9aec7631
| Author | SHA1 | Date | |
|---|---|---|---|
|
8f9aec7631
|
|||
|
bf7f7273e9
|
@@ -624,6 +624,7 @@ def mobile_login(config_section: str | None = None):
|
|||||||
"https://app.myice.hockey/api/mobilerest/login",
|
"https://app.myice.hockey/api/mobilerest/login",
|
||||||
headers=mobile_headers,
|
headers=mobile_headers,
|
||||||
data=f"login_email={base64.b64encode(username.encode()).decode()}&login_password={base64.b64encode(password.encode()).decode()}&language=FR&v=2",
|
data=f"login_email={base64.b64encode(username.encode()).decode()}&login_password={base64.b64encode(password.encode()).decode()}&language=FR&v=2",
|
||||||
|
timeout=(5, 30),
|
||||||
# verify=False,
|
# verify=False,
|
||||||
) as r:
|
) as r:
|
||||||
r.raise_for_status()
|
r.raise_for_status()
|
||||||
|
|||||||
+11
-3
@@ -135,8 +135,13 @@ async def login(request: Request):
|
|||||||
"""Redirect to Infomaniak OIDC login"""
|
"""Redirect to Infomaniak OIDC login"""
|
||||||
import urllib.parse
|
import urllib.parse
|
||||||
|
|
||||||
state = "random_state_string" # In production, use a proper random state
|
import secrets
|
||||||
nonce = "random_nonce_string" # In production, use a proper random nonce
|
|
||||||
|
state = secrets.token_urlsafe(32)
|
||||||
|
nonce = secrets.token_urlsafe(32)
|
||||||
|
# Store in a secure signed session cookie
|
||||||
|
request.state.oidc_state = state
|
||||||
|
request.state.oidc_nonce = nonce
|
||||||
|
|
||||||
# Store state and nonce in session (simplified for this example)
|
# Store state and nonce in session (simplified for this example)
|
||||||
# In production, use proper session management
|
# In production, use proper session management
|
||||||
@@ -155,8 +160,11 @@ async def login(request: Request):
|
|||||||
|
|
||||||
|
|
||||||
@app.get("/callback")
|
@app.get("/callback")
|
||||||
async def callback(code: str, state: str):
|
async def callback(request: Request, code: str, state: str):
|
||||||
"""Handle OIDC callback and exchange code for token"""
|
"""Handle OIDC callback and exchange code for token"""
|
||||||
|
expected_state = request.state.oidc_state
|
||||||
|
if not expected_state or state != expected_state:
|
||||||
|
raise HTTPException(403, detail="Invalid state parameter")
|
||||||
# Exchange authorization code for access token
|
# Exchange authorization code for access token
|
||||||
token_data = {
|
token_data = {
|
||||||
"grant_type": "authorization_code",
|
"grant_type": "authorization_code",
|
||||||
|
|||||||
Reference in New Issue
Block a user