diff --git a/api.planx.uk/modules/auth/strategy/microsoft-oidc.ts b/api.planx.uk/modules/auth/strategy/microsoft-oidc.ts
index 593cd49e62..82fcc437b1 100644
--- a/api.planx.uk/modules/auth/strategy/microsoft-oidc.ts
+++ b/api.planx.uk/modules/auth/strategy/microsoft-oidc.ts
@@ -47,6 +47,7 @@ const verifyCallback: StrategyVerifyCallbackReq = async (
 done,
 ): Promise => {
 // TODO: use tokenSet.state to pass the redirectTo query param through the auth flow
+// TODO: validate id_token sig with the public key from the jwks_uri (...v2.0/keys)
 const claims: IdTokenClaims = tokenSet.claims();
 // ensure the response is authentic by comparing nonce
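Review bot: The added TODO records id_token signature validation as missing inside verifyCallback, but it does not say whether that is actually the case for this strategy, and a reader will take it as a statement that tokens are accepted unverified. The surrounding types (`StrategyVerifyCallbackReq`, `IdTokenClaims`, `tokenSet.claims()`) look like openid-client's passport Strategy, which — if that is what is in use — already verifies the id_token signature against the issuer's jwks_uri (and checks iss/aud/exp/nonce) in `client.callback()` before the verify callback is ever invoked, so a second check here would be redundant rather than the fix. I would replace the TODO with a comment that states the assumption to be confirmed and where the check lives, e.g. `// NOTE: if this is openid-client's Strategy, the id_token signature is verified against jwks_uri in client.callback() before this runs — confirm before adding a second check here`, and if confirmation shows the signature is not verified, that is a defect to fix rather than a TODO to carry. The nonce comparison on the following line only ties the token to this login attempt; it does not establish authenticity on its own, so the comment above it should not be read as covering that. verifyCallback starts and ends outside this hunk.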