fix: update oidc to encrypt code and tokens url safe (#1616)

2025-08-12 07:47:32 +00:00 · 2021-04-20 10:01:47 +02:00
parent 1f72eaab82
commit b04c97d21e
3 changed files with 6 additions and 8 deletions
--- a/internal/authz/repository/eventsourcing/eventstore/token_verifier.go
+++ b/internal/authz/repository/eventsourcing/eventstore/token_verifier.go
@@ -69,7 +69,7 @@ func (repo *TokenVerifierRepo) TokenByID(ctx context.Context, tokenID, userID st
 func (repo *TokenVerifierRepo) VerifyAccessToken(ctx context.Context, tokenString, clientID string) (userID string, agentID string, prefLang, resourceOwner string, err error) {
 	ctx, span := tracing.NewSpan(ctx)
 	defer func() { span.EndWithError(err) }()
-	tokenData, err := base64.URLEncoding.DecodeString(tokenString)
+	tokenData, err := base64.RawURLEncoding.DecodeString(tokenString)
 	if err != nil {
 		return "", "", "", "", caos_errs.ThrowUnauthenticated(nil, "APP-ASdgg", "invalid token")
 	}