aboutsummaryrefslogtreecommitdiff
path: root/www/authenticate.js
diff options
context:
space:
mode:
authorMatthias Benkard <matthias.benkard@egym.de>2015-04-14 08:39:27 +0000
committerMatthias Andreas Benkard <code@mail.matthias.benkard.de>2015-04-23 21:55:02 +0200
commitba65cc50b7b468f0738398312a468ea413727bdc (patch)
tree19749bd8803a2f718013cf8901c04ea658f98731 /www/authenticate.js
parentfaea34e5c94922645b337bdeb5db32871eb1fde9 (diff)
QT-1900 Add a CSRF token to the OIDC login flow.
This improves security by generating a CSRF token, passing it to the OIDC IdP, and validating it afterwards. The token is stored in a cookie reverse-encrypted with MulkyID's private key.
Diffstat (limited to 'www/authenticate.js')
0 files changed, 0 insertions, 0 deletions