How to use the openid.response_nonce function in openid

To help you get started, we’ve selected a few openid examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github havard / node-openid / openid.js View on Github external
var _checkNonce = function (params) {
  if (!_isDef(params['openid.ns'])) {
    return true; // OpenID 1.1 has no nonce
  }
  if (!_isDef(params['openid.response_nonce'])) {
    return false;
  }

  var nonce = params['openid.response_nonce'];
  var timestampEnd = nonce.indexOf('Z');
  if (timestampEnd == -1) {
    return false;
  }

  // Check for valid timestamp in nonce
  var timestamp = new Date(Date.parse(nonce.substring(0, timestampEnd + 1)));
  if (Object.prototype.toString.call(timestamp) !== '[object Date]' || isNaN(timestamp)) {
    return false;
  }
    
  // Remove old nonces from our store (nonces that are more skewed than 5 minutes)
github havard / node-openid / openid.js View on Github external
var _checkNonce = function (params) {
  if (!_isDef(params['openid.ns'])) {
    return true; // OpenID 1.1 has no nonce
  }
  if (!_isDef(params['openid.response_nonce'])) {
    return false;
  }

  var nonce = params['openid.response_nonce'];
  var timestampEnd = nonce.indexOf('Z');
  if (timestampEnd == -1) {
    return false;
  }

  // Check for valid timestamp in nonce
  var timestamp = new Date(Date.parse(nonce.substring(0, timestampEnd + 1)));
  if (Object.prototype.toString.call(timestamp) !== '[object Date]' || isNaN(timestamp)) {
    return false;
  }
    
  // Remove old nonces from our store (nonces that are more skewed than 5 minutes)
  _removeOldNonces();

  // Check if nonce is skewed by more than 5 minutes
  if (Math.abs(new Date().getTime() - timestamp.getTime()) > 300000) {
github sandiz / rs-manager / src / preload.js View on Github external
} else {
                        const sls = await window.remote.session.defaultSession.cookies.get({
                            name: 'steamLoginSecure',
                            domain: 'store.steampowered.com'
                        })
                        const sid = await window.remote.session.defaultSession.cookies.get({
                            name: 'sessionid',
                        })
                        const cookie = sls[0].value
                        const cookieSess = sid[0].value
                        authWindow.removeAllListeners('closed');
                        setImmediate(function () {
                            authWindow.close();
                        });
                        resolve({
                            response_nonce: query['openid.response_nonce'],
                            assoc_handle: query['openid.assoc_handle'],
                            identity: query['openid.identity'],
                            steam_id: query['openid.identity'].match(/\/id\/(.*$)/)[1],
                            sig: query['openid.sig'],
                            cookie,
                            cookieSess,
                        });
                    }
                }
github charliecalvert / JsObjects / JavaScript / Authenticate / OpenId02 / server01.js View on Github external
relyingParty.verifyAssertion(request, function(error, result) {
        var isGood = !error &amp;&amp; result.authenticated ? '<h1>Success!</h1>' : '<h1>Failed</h1>';
        res.writeHead(200, {
            'Content-Type': 'text/html'
        });
        res.write(isGood);
        res.write('<p>' + query['openid.assoc_handle'] + '</p>');
        res.write('<p>' + query['openid.claimed_id'] + '</p>');
        res.write('<p>' + query['openid.identity'] + '</p>');
        res.write('<p>' + query['openid.mode'] + '</p>');
        res.write('<p>' + query['openid.ns'] + '</p>');
        res.write('<p>' + query['openid.op_endpoint'] + '</p>');
        res.write('<p>' + query['openid.response_nonce'] + '</p>');
        res.write('<p>' + query['openid.return_to'] + '</p>');
        res.write('<p>' + query['openid.sig'] + '</p>');
        res.write('<p>' + query['openid.signed'] + '</p>');
        res.end('bye');
    });
});