From 036eea6a850a7eb4de8f48fb3e8047c1e5095f8c Mon Sep 17 00:00:00 2001
From: Stefano Vercelli <stefano.vercelli@telecomitalia.it>
Date: Tue, 6 Oct 2015 14:05:56 +0200
Subject: [PATCH] Fix missing nonce bug

---
 index.js | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/index.js b/index.js
index ef1add7..a10d744 100644
--- a/index.js
+++ b/index.js
@@ -557,6 +557,7 @@ OpenIDConnect.prototype.auth = function() {
                                         user: req.session.user,
                                         sub: req.session.sub||req.session.user,
                                         code: token,
+                                        nonce: params.nonce,
                                         redirectUri: params.redirect_uri,
                                         responseType: params.response_type,
                                         status: 'created'
@@ -928,6 +929,7 @@ OpenIDConnect.prototype.token = function() {
                                     exp: d+3600,
                                     iat: d
                             };
+                            if(prev.auth.nonce) id_token.nonce = prev.auth.nonce;
                             req.model.access.create({
                                     token: access,
                                     type: 'Bearer',