You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
ifoauth_access_token==expected_tokenandoauth_expiresandoauth_expires>ngx.time() then
Currently, an attacker could choose an arbitrary email and expiry date and use the time taken by the equality check to find the correct value for oauth_access_token. They would then be logged in as the targeted email address. It seems like this would probably take days/weeks of sustained traffic to pull off.
The text was updated successfully, but these errors were encountered:
I think the equality comparison on this line needs to be constant-time to avoid a timing vulnerability:
nginx-google-oauth/access.lua
Line 58 in c01b230
Currently, an attacker could choose an arbitrary email and expiry date and use the time taken by the equality check to find the correct value for
oauth_access_token. They would then be logged in as the targeted email address. It seems like this would probably take days/weeks of sustained traffic to pull off.The text was updated successfully, but these errors were encountered: