diff options
author | Matthias Benkard <matthias.benkard@egym.de> | 2015-04-14 08:39:27 +0000 |
---|---|---|
committer | Matthias Andreas Benkard <code@mail.matthias.benkard.de> | 2015-04-23 21:55:02 +0200 |
commit | ba65cc50b7b468f0738398312a468ea413727bdc (patch) | |
tree | 19749bd8803a2f718013cf8901c04ea658f98731 /build.PL | |
parent | faea34e5c94922645b337bdeb5db32871eb1fde9 (diff) |
QT-1900 Add a CSRF token to the OIDC login flow.
This improves security by generating a CSRF token, passing it to the
OIDC IdP, and validating it afterwards. The token is stored in
a cookie reverse-encrypted with MulkyID's private key.
Diffstat (limited to 'build.PL')
-rw-r--r-- | build.PL | 4 |
1 files changed, 3 insertions, 1 deletions
@@ -29,7 +29,9 @@ my $build = Net::MulkyID::Builder->new "OIDC::Lite::Client::WebServer" => 0, "OIDC::Lite::Model::IDToken" => 0, "LWP::UserAgent" => 0, - "HTTP::Request" => 0 + "HTTP::Request" => 0, + "Math::Random::ISAAC::XS" => 0, + "Bytes::Random::Secure" => 0 }, build_requires => { "LWP::Simple" => 0, |