Merge pull request #17 from yohanesgultom/patch-1

Update README on ensuring nonce is forwarded on authorization page
jeremy379 · May 16, 2024 · 989946e · 989946e
2 parents 86e10fd + d8b0f67
commit 989946e
Showing 1 changed file with 9 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -111,6 +111,15 @@ In case you want to change the default scopes, add custom claim sets or change t
 php artisan vendor:publish --tag=openid
 ```
 
+### Using nonce
+
+When `nonce` is required, you need to pass it as a query parameter to `passport.authorizations.approve` during authorization step.
+
+Example based on default Passport's `authorize.blade.php`:
+```
+<form method="post" action="{{ route('passport.authorizations.approve').'?nonce='.$request->nonce }}">
+```
+
 ### Optional Configuration
 You can add any JWT Token Headers that you want to the `token_headers` array in your `openid` configuration file.