Implement PKCE #91
Aww man! I was going to implement this, but you beat me to it.
I think it would be a good idea to add a test with the examples in Appendix A and Appendix B.
I'll see if I have time later for this. But feel free to contribute with the tests if you need it right away :)
I'm still new to Elixir, but I may give it a try later :)
Waiting for this to be merged to upstream. A very good PR! Just one note.
What do you think?
@Ross65536 Made a PR to your repo :)
Implement PKCE for authorization code grant type, as per RFC-7637:

- `code_challenge` and `code_challenge_method` to `oauth_access_grants` table which will contain the PKCE information. Add instructions for upgrading.
- `use_pkce`. If `true` when issuing grants the `code_challenge` and `code_challenge_method` query fields are mandatory and are saved to the grant model. If `false` these fields are ignored and the corresponding grant models are set to `nil`.
- `code_challenge_method` field set. If set to a value not nil then the `code_verifier` query field is mandatory and it's used to check against the grant's `code_challenge` field. If set to nil this query parameter is ignored and the grant acts as though PKCE is disabled.

Partially inspired by #61
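
As an added example (not code from this PR or from the project): the issuing and exchange rules described above, with plain maps standing in for grant records. The module name `PKCEExample`, its function names and the error atoms are assumptions of this example; the values checked at the end are the RFC 7636 Appendix B test vector.

```elixir
defmodule PKCEExample do
  # Hypothetical module; grants are plain maps, not the project's schema.
  # Issuing a grant with use_pkce false: the fields are ignored and stored as nil.
  def grant_fields(false, _params), do: {:ok, %{code_challenge: nil, code_challenge_method: nil}}

  # Issuing a grant with use_pkce true: both query fields are mandatory.
  def grant_fields(true, %{"code_challenge" => c, "code_challenge_method" => m})
      when is_binary(c) and m in ["plain", "S256"],
      do: {:ok, %{code_challenge: c, code_challenge_method: m}}

  def grant_fields(true, _params), do: {:error, :invalid_request}

  # Exchanging a grant: a nil method means the grant acts as if PKCE is disabled.
  def verify(%{code_challenge_method: nil}, _params), do: :ok

  def verify(%{code_challenge_method: method, code_challenge: challenge}, params) do
    with {:ok, verifier} <- fetch_verifier(params),
         {:ok, expected} <- challenge_for(method, verifier),
         true <- secure_equal?(expected, challenge) do
      :ok
    else
      false -> {:error, :invalid_grant}
      error -> error
    end
  end

  # code_verifier is mandatory: 43 to 128 unreserved characters (RFC 7636, section 4.1).
  defp fetch_verifier(%{"code_verifier" => v}) when is_binary(v) do
    if v =~ ~r/\A[A-Za-z0-9._~-]{43,128}\z/, do: {:ok, v}, else: {:error, :invalid_request}
  end

  defp fetch_verifier(_params), do: {:error, :invalid_request}

  defp challenge_for("plain", v), do: {:ok, v}
  defp challenge_for("S256", v), do: {:ok, Base.url_encode64(:crypto.hash(:sha256, v), padding: false)}
  defp challenge_for(_method, _v), do: {:error, :invalid_request}

  # Compare every byte instead of stopping at the first difference.
  defp secure_equal?(a, b) when byte_size(a) == byte_size(b) do
    pairs = Enum.zip(:binary.bin_to_list(a), :binary.bin_to_list(b))
    Enum.reduce(pairs, 0, fn {x, y}, acc -> :erlang.bor(acc, :erlang.bxor(x, y)) end) == 0
  end

  defp secure_equal?(_a, _b), do: false
end

# RFC 7636 Appendix B vector; each match below raises if the result differs.
grant = %{code_challenge_method: "S256", code_challenge: "E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSxw_dVM"}
:ok = PKCEExample.verify(grant, %{"code_verifier" => "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk"})
{:error, :invalid_request} = PKCEExample.verify(grant, %{})
{:error, :invalid_grant} = PKCEExample.verify(grant, %{"code_verifier" => String.duplicate("a", 43)})
```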