go-oidc Add support for code_challenge_methods

Add support for code_challenge_methods_supported

Open nabokihms opened this issue 1 year ago • 2 comments

This is required if an RP wants to use PKCE, but doesn't know whether the provider supports the code challenge or not.

Dec 27 '23 14:12 nabokihms

This is from the Rfc 8414 https://www.rfc-editor.org/rfc/rfc8414.html (missed that this is not a part of the oidc spec). I think claims is what I need, thank you for pointing me.

Dec 27 '23 17:12 nabokihms

Thanks! For what it's worth, I think adding support for supplementary specs is great. I'd just want to figure out if there's any additional API we can present more than parsing the string.

E.g. what we do for the at_hash support or device authorization https://github.com/coreos/go-oidc/pull/365

Dec 27 '23 19:12 ericchiang

go-oidc go-oidc copied to clipboard

Add support for code_challenge_methods_supported

go-oidc
go-oidc copied to clipboard