= 0921535ae2 Feat: Enhance OIDC nonce handling with middleware and session support
- Introduced `CaptureOidcNonce` middleware to capture and store nonce in session during GET requests.
- Updated `CustomAuthCodeRepository` to resolve nonce from session if not present in POST requests, ensuring seamless handling.
- Registered middleware in `bootstrap/app.php` for web routes.
- Adjusted `LoginResponse` to use `redirect()->intended` for improved redirection logic.
- Added comprehensive feature tests to validate nonce capture, session storage, and cache resolution workflows.
2026-06-17 09:17:06 +00:00

25 lines
725 B
PHP

<?php
declare(strict_types=1);
use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\{Exceptions, Middleware};
return Application::configure(basePath: dirname(__DIR__))
->withRouting(
web: __DIR__.'/../routes/web.php',
api: __DIR__.'/../routes/api.php',
commands: __DIR__.'/../routes/console.php',
health: '/up',
)
->withMiddleware(function (Middleware $middleware): void {
$middleware->web(append: [
App\Http\Middleware\CaptureOidcNonce::class,
]);
$middleware->validateCsrfTokens(except: [
'keka/callback',
]);
})
->withExceptions(function (Exceptions $exceptions): void {})->create();