Nonce parameter in OpenID Connect

★★★ お知らせ ★★★

◆ 6月のPS Liveは決済サービスStripeのデモ！◆
決済サービスのStripeでサブスクリプションの支払い機能を作ってみた
Stripeの機能の一部を切り出して、簡単なサブスクリプションを作るとどうなるのかを、デモをまじえてご紹介します。
⇒ 詳細はこちらから

◆【セミナー開催】可視化ツールGrafana～初めてのダッシュボード作成◆
デモンストレーション付き！
本セミナーでは、売上データを用いて、4種類のパネル作成方法をお見せします。
⇒ お申込みはこちらから

◆ エンジニア業務環境アンケート結果 ◆
エンジニアが自分の働き方にどういったことで満足していて、不満を感じているのか、働きたい会社像として何を求めているのか、業務環境調査を実施しました。ぜひご覧ください。
⇒ アンケート結果はこちらから

This post describe the purpose of nonce parameter in OpenID Connect.

In short, nonce parameter prevent a malicious user from Replay Attack which is a category of network attack in which an attacker detects a data transmission and fraudulently has it delayed or repeated.

I will try to explain nonce parameter as clearly as I can.

1 when not using nonce parameter
2 when using nonce parameter

when not using nonce parameter

At first, I’ll show you characters in this post.

	SNS1:Relying Party who is Authenticated by OpenID Connect Provider.
	SNS2:OpenID Connect Provider who provides Authentication to Relying Party.
	A-san:a user of SNS1
	Attacker:attacker who is trying to do Replay Attack.

A-san accesses to SNS1 via Web Browser.

SNS1 redirects A-san to SNS2 Authorization Endpoint.

SNS2 shows A-san Login Page.A-san logs in to SNS1.

SNS2 redirect A-san to Callback URL pre-configured with a query parameter of the Authorization Code.

SNS1 exchanges Authorization Code for ID Token by requesting Token Endpoint.

SNS1 issues ID Token to SNS2,while the attacker intercepts the traffic between SNS1 and SNS2 and gets ID Token.

The attacker sends ID Token obtained previously to SNS1.SNS2 receives the ID Token, verifies it and find it correct one.SNS1 has no way to know that the ID Token is send from the attacker.It’s because iss,sub and any other claims is correct.

when using nonce parameter

I’ll show you the way to prevent an attacker from Replay Attack by nonce parameter.

A-san accesses to SNS1 via Web Browser.

SNS1 redirects A-san to SNS2 Authorization Endpoint.At the same time, SNS1 generates number which is an arbitrary one that can be used just once,stores it in A-san’s session and redirect A-san to Authorization Endpoint whose URL’s query parameter includes nonce value.

SNS2 shows A-san Login Page.A-san logs in to SNS1.

SNS2 redirect A-san to Callback URL pre-configured with a query parameter of the Authorization Code.

SNS1 exchanges Authorization Code for ID Token by requesting Token Endpoint.

SNS1 issues ID Token to SNS2.ID Token includes nonce claim whose value is one generated when SNS1 redirected A-san to Authorization Endpoint.Then, SNS1 receives the ID Token only when tha nonce value including ID Token as nonce claim matches the value stored in A-san’s session.On the other hand, the attacker intercepts the traffic between SNS1 and SNS2 and gets ID Token.

SNS1 remove the nonce value in A-san’s session after validating the ID Token.

The attacker sends the ID Token obtained previously.SNS1 compares the nonce value in ID Token with one in A-san’s session.However, both values do not match, so SNS1 rejects the ID Token sent from the attacker.In this way, nonce parameter prevents an attacker from Replay Attack.

About 武井宜行 251 Articles

Microsoft MVP for Azure🌟「最新の技術を楽しくわかりやすく」をモットーにブログtech-lab.sios.jp)で情報を発信🎤得意分野はAzureによるクラウドネイティブな開発(Javaなど)💻「世界一わかりみの深いクラウドネイティブ on Azure」の動画を配信中📹 https://t.co/OMaJYb3pRN