Skip to content

Commit

Permalink
Debug cookie state validation
Browse files Browse the repository at this point in the history
  • Loading branch information
@poovamraj
poovamraj committed Oct 10, 2023
1 parent 2e6c4fb commit 17c803e
Show file tree
Hide file tree
Showing 3 changed files with 11 additions and 0 deletions.
7 changes: 7 additions & 0 deletions build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,4 +91,11 @@ task exportVersion() {
doLast {
new File(rootDir, "version.txt").text = "$version"
}
}

jar {
// Will include dependencies to create fat jar
from {
configurations.runtimeClasspath.collect { it.isDirectory() ? it : zipTree(it) }
}
}
1 change: 1 addition & 0 deletions src/main/java/com/auth0/AuthenticationController.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -302,6 +302,7 @@ public void doNotSendTelemetry() {
public Tokens handle(HttpServletRequest request, HttpServletResponse response) throws IdentityVerificationException {
Validate.notNull(request, "request must not be null");
Validate.notNull(response, "response must not be null");
System.out.println("Request Starts - "+request.hashCode());

return requestProcessor.process(request, response);
}
Expand Down
3 changes: 3 additions & 0 deletions src/main/java/com/auth0/RequestProcessor.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -292,6 +292,8 @@ private void assertNoError(HttpServletRequest request) throws InvalidRequestExce
* @throws InvalidRequestException if the request contains a different state from the expected one
*/
private void assertValidState(HttpServletRequest request, HttpServletResponse response) throws InvalidRequestException {
System.out.println("Request URL -"+request.hashCode()+" - "+request.getRequestURL());
System.out.println("State Parameter - "+request.hashCode()+" - "+request.getParameter(KEY_STATE));
String stateFromRequest = request.getParameter(KEY_STATE);

// If response is null, check the Session.
Expand All @@ -302,6 +304,7 @@ private void assertValidState(HttpServletRequest request, HttpServletResponse re
}

String cookieState = TransientCookieStore.getState(request, response);
System.out.println("State Cookie - "+request.hashCode()+" - "+cookieState);

// Just in case state was stored in Session by building auth URL with deprecated method, but then called the
// supported handle method with the request and response
Expand Down

0 comments on commit 17c803e

Please sign in to comment.