akanealw/caddy-proxy-manager
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

fix: add PKCE to OAuth checks and HTTP security response headers

Browse Source 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
fuomag9
2026-02-25 18:43:00 +01:00
parent a1c18cf09c
commit 48385684f9
2 changed files with 26 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/lib/auth.ts
View File

@@ -89,7 +89,7 @@ function createOAuthProviders(): OAuthConfig<any>[] {
authorization: config.oauth.authorizationUrl ?? undefined,
token: config.oauth.tokenUrl ?? undefined,
userinfo: config.oauth.userinfoUrl ?? undefined,
checks: ["state"],
checks: ["pkce", "state"],
profile(profile) {
return {
id: profile.sub ?? profile.id,