From e310248d9ce6573acf685cb04532fe4fd0baf1b8 Mon Sep 17 00:00:00 2001
From: tfcornerstone <57731343+tfcornerstone@users.noreply.github.com>
Date: Mon, 5 Feb 2024 10:23:47 -0500
Subject: [PATCH] Fix issue with Keycloak IDP nonce mismatch (#67)

* Fix issue with Keycloak IDP nonce mismatch

* Use usersession note instead

---------

Co-authored-by: Nadeem Majumder <nadeem.majumder@tfc.com>
---
 .../keycloak/magic/auth/token/MagicLinkActionTokenHandler.java   | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/main/java/io/phasetwo/keycloak/magic/auth/token/MagicLinkActionTokenHandler.java b/src/main/java/io/phasetwo/keycloak/magic/auth/token/MagicLinkActionTokenHandler.java
index 2617a99..d475d65 100644
--- a/src/main/java/io/phasetwo/keycloak/magic/auth/token/MagicLinkActionTokenHandler.java
+++ b/src/main/java/io/phasetwo/keycloak/magic/auth/token/MagicLinkActionTokenHandler.java
@@ -86,6 +86,7 @@ public Response handleToken(
       }
       if (token.getNonce() != null) {
         authSession.setClientNote(OIDCLoginProtocol.NONCE_PARAM, token.getNonce());
+        authSession.setUserSessionNote(OIDCLoginProtocol.NONCE_PARAM, token.getNonce());
       }
     }