From c77ea41af0bf1ab7d63d46b04e2f5f64eaa9d6d3 Mon Sep 17 00:00:00 2001 From: Jens L Date: Fri, 5 Jan 2024 19:03:15 +0100 Subject: [PATCH] providers/oauth2: fix missing nonce in token endpoint not being saved (#8073) Signed-off-by: Jens Langhammer --- authentik/providers/oauth2/views/token.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/authentik/providers/oauth2/views/token.py b/authentik/providers/oauth2/views/token.py index b5aaf6b0d..3bf134b09 100644 --- a/authentik/providers/oauth2/views/token.py +++ b/authentik/providers/oauth2/views/token.py @@ -490,12 +490,13 @@ class TokenView(View): auth_time=self.params.authorization_code.auth_time, session_id=self.params.authorization_code.session_id, ) - access_token.id_token = IDToken.new( + access_id_token = IDToken.new( self.provider, access_token, self.request, ) - access_token.id_token.nonce = self.params.authorization_code.nonce + access_id_token.nonce = self.params.authorization_code.nonce + access_token.id_token = access_id_token access_token.save() response = {