challenger

OAuth 2.0-based authentication service that validates user can receive messages at a certain address
Log | Files | Refs | Submodules | README | LICENSE

commit 4f2583e9ab918cf5e760f461c22e516d7d0a16be
parent 834d6652a93e213520e77cf57edd83954bb07a29
Author: Christian Grothoff <grothoff@gnunet.org>
Date:   Thu, 16 Jul 2026 00:09:33 +0200

check expiration already on authorize_start

Diffstat:
Msrc/challengerdb/authorize_start.c | 4++++
1 file changed, 4 insertions(+), 0 deletions(-)

diff --git a/src/challengerdb/authorize_start.c b/src/challengerdb/authorize_start.c @@ -45,6 +45,8 @@ CHALLENGERDB_authorize_start ( bool *solved, struct GNUNET_TIME_Absolute *last_tx_time) { + struct GNUNET_TIME_Absolute now + = GNUNET_TIME_absolute_get (); struct GNUNET_PQ_QueryParam params[] = { GNUNET_PQ_query_param_auto_from_type (nonce), GNUNET_PQ_query_param_uint64 (&client_id), @@ -61,6 +63,7 @@ CHALLENGERDB_authorize_start ( ? GNUNET_PQ_query_param_string (code_challenge) : GNUNET_PQ_query_param_null (), GNUNET_PQ_query_param_uint32 (&code_challenge_method), + GNUNET_PQ_query_param_absolute_time (&now), GNUNET_PQ_query_param_end }; struct GNUNET_PQ_ResultSpec rs[] = { @@ -92,6 +95,7 @@ CHALLENGERDB_authorize_start ( " ,code_challenge_method=$7" " WHERE nonce=$1" " AND client_serial_id=$2" + " AND expiration_time > $8" " AND ( ($5::VARCHAR=client_redirect_uri)" " OR ( ($5::VARCHAR IS NULL)" " AND (client_redirect_uri IS NOT NULL) ) )"