Validate OIDC Session State

bitly · Jan 15, 2019 · 9249b07 · 9249b07
1 parent b7ad46b
commit 9249b07
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/providers/oidc.go b/providers/oidc.go
@@ -128,3 +128,14 @@ func (p *OIDCProvider) createSessionState(ctx context.Context, token *oauth2.Tok
 		Email:        claims.Email,
 	}, nil
 }
+
+// ValidateSessionState checks that the session's IDToken is still valid
+func (p *OIDCProvider) ValidateSessionState(s *SessionState) bool {
+	ctx := context.Background()
+	_, err := p.Verifier.Verify(ctx, s.IDToken)
+	if err != nil {
+		return false
+	}
+
+	return true
+}