DefinedNet
diff --git a/‎example/idtoken/app.go
Lines changed: 1 addition & 2 deletions b/‎example/idtoken/app.go
Lines changed: 1 addition & 2 deletions
diff --git a/‎example/nonce/app.go
Lines changed: 5 additions & 10 deletions b/‎example/nonce/app.go
Lines changed: 5 additions & 10 deletions
diff --git a/‎gen.go
Lines changed: 0 additions & 150 deletions b/‎gen.go
Lines changed: 0 additions & 150 deletions
@@ -28,8 +28,7 @@ func main() {
 		log.Fatal(err)
 	}
 	oidcConfig := &oidc.Config{
-		ClientID:       clientID,
-		SkipNonceCheck: true,
+		ClientID: clientID,
 	}
 	verifier := provider.Verifier(oidcConfig)
 
 
@@ -5,7 +5,6 @@ package main
 
 import (
 	"encoding/json"
-	"errors"
 	"log"
 	"net/http"
 	"os"
@@ -23,13 +22,6 @@ var (
 
 const appNonce = "a super secret nonce"
 
-func ClaimNonce(nonce string) error {
-	if nonce != appNonce {
-		return errors.New("unregonized nonce")
-	}
-	return nil
-}
-
 func main() {
 	ctx := context.Background()
 
@@ -39,8 +31,7 @@ func main() {
 	}
 
 	oidcConfig := &oidc.Config{
-		ClientID:   clientID,
-		ClaimNonce: ClaimNonce,
+		ClientID: clientID,
 	}
 	// Use the nonce source to create a custom ID Token verifier.
 	nonceEnabledVerifier := provider.Verifier(oidcConfig)
@@ -82,6 +73,10 @@ func main() {
 			http.Error(w, "Failed to verify ID Token: "+err.Error(), http.StatusInternalServerError)
 			return
 		}
+		if idToken.Nonce != appNonce {
+			http.Error(w, "Invalid ID Token nonce", http.StatusInternalServerError)
+			return
+		}
 
 		resp := struct {
 			OAuth2Token   *oauth2.Token
Original file line number	Diff line number	Diff line change
`@@ -28,8 +28,7 @@ func main() {`
`28`	`28`	`log.Fatal(err)`
`29`	`29`	`}`
`30`	`30`	`oidcConfig := &oidc.Config{`
`31`		`- ClientID: clientID,`
`32`		`- SkipNonceCheck: true,`
	`31`	`+ ClientID: clientID,`
`33`	`32`	`}`
`34`	`33`	`verifier := provider.Verifier(oidcConfig)`
`35`	`34`