diff options
author | Pieter Ennes <pieter@authentiq.com> | 2017-09-12 22:26:19 +0100 |
---|---|---|
committer | Pieter Ennes <pieter@authentiq.com> | 2017-09-17 21:08:08 +0100 |
commit | 32319c82375e1d892c8bab258ce57686793e00df (patch) | |
tree | 43a4db2a60d076cfc0626a6fd96b04a23124012e /oauthlib | |
parent | bc0fd83fa7693db7d80ce19825470b3e210753c5 (diff) | |
download | oauthlib-32319c82375e1d892c8bab258ce57686793e00df.tar.gz |
Add nonce to docstring.
Diffstat (limited to 'oauthlib')
-rw-r--r-- | oauthlib/oauth2/rfc6749/grant_types/openid_connect.py | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/oauthlib/oauth2/rfc6749/grant_types/openid_connect.py b/oauthlib/oauth2/rfc6749/grant_types/openid_connect.py index a410b02..4c98864 100644 --- a/oauthlib/oauth2/rfc6749/grant_types/openid_connect.py +++ b/oauthlib/oauth2/rfc6749/grant_types/openid_connect.py @@ -141,6 +141,13 @@ class OpenIDConnectBase(object): def openid_authorization_validator(self, request): """Perform OpenID Connect specific authorization request validation. + nonce + OPTIONAL. String value used to associate a Client session with + an ID Token, and to mitigate replay attacks. The value is + passed through unmodified from the Authentication Request to + the ID Token. Sufficient entropy MUST be present in the nonce + values used to prevent attackers from guessing values + display OPTIONAL. ASCII string value that specifies how the Authorization Server displays the authentication and consent |