mirror of
https://gitea.com/Lydanne/buildx.git
synced 2025-07-23 03:38:03 +08:00
vendor: golang.org/x/oauth2 v0.29.0
notable changes - fixes CVE-2025-22868 - oauth2.go: use a more straightforward return value - oauth2: Deep copy context client in NewClient - jws: improve fix for CVE-2025-22868 full diff: https://github.com/golang/oauth2/compare/v0.23.0...v0.29.0 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
4
vendor/golang.org/x/oauth2/pkce.go
generated
vendored
4
vendor/golang.org/x/oauth2/pkce.go
generated
vendored
@@ -21,7 +21,7 @@ const (
|
||||
//
|
||||
// A fresh verifier should be generated for each authorization.
|
||||
// S256ChallengeOption(verifier) should then be passed to Config.AuthCodeURL
|
||||
// (or Config.DeviceAccess) and VerifierOption(verifier) to Config.Exchange
|
||||
// (or Config.DeviceAuth) and VerifierOption(verifier) to Config.Exchange
|
||||
// (or Config.DeviceAccessToken).
|
||||
func GenerateVerifier() string {
|
||||
// "RECOMMENDED that the output of a suitable random number generator be
|
||||
@@ -51,7 +51,7 @@ func S256ChallengeFromVerifier(verifier string) string {
|
||||
}
|
||||
|
||||
// S256ChallengeOption derives a PKCE code challenge derived from verifier with
|
||||
// method S256. It should be passed to Config.AuthCodeURL or Config.DeviceAccess
|
||||
// method S256. It should be passed to Config.AuthCodeURL or Config.DeviceAuth
|
||||
// only.
|
||||
func S256ChallengeOption(verifier string) AuthCodeOption {
|
||||
return challengeOption{
|
||||
|
Reference in New Issue
Block a user