diff options
Diffstat (limited to 'src/scm/webid-oidc/authorization-endpoint.scm')
-rw-r--r-- | src/scm/webid-oidc/authorization-endpoint.scm | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/src/scm/webid-oidc/authorization-endpoint.scm b/src/scm/webid-oidc/authorization-endpoint.scm index 3c4a730..9ff994c 100644 --- a/src/scm/webid-oidc/authorization-endpoint.scm +++ b/src/scm/webid-oidc/authorization-endpoint.scm @@ -29,7 +29,11 @@ #:use-module (ice-9 receive) #:use-module (ice-9 optargs)) -(define*-public (make-authorization-endpoint subject the-password alg jwk validity +(define (verify-password encrypted-password password) + (let ((c (crypt password encrypted-password))) + (string=? c encrypted-password))) + +(define*-public (make-authorization-endpoint subject encrypted-password alg jwk validity #:key (http-get http-get) (current-time current-time)) @@ -81,7 +85,7 @@ (error-no-redirect-uri locale)) ((and (eq? method 'POST) (string? password) - (string=? password the-password)) + (verify-password encrypted-password password)) (with-exception-handler (lambda (error) (error-application locale error)) @@ -123,7 +127,7 @@ (else (authorization-page locale (not (and password - (string=? password the-password))) + (verify-password encrypted-password password))) client-id uri))))))) |