oauth2 icon indicating copy to clipboard operation
oauth2 copied to clipboard
verified publisher icon golang

No option for PKCE plain challenge option

Open EPoikans opened this issue 1 year ago • 0 comments

According to RFC 7636 the PKCE code challenge can have S256 or plain options even though you should'nt use plain.
I was working on implementing PKCE and couldn't find a PlainChallengeOption function and had to just add the correct values to the auth code options.
I propose adding this simple function and will submit a PR of it if there is no opposition to this enhancement.

The current code for S256 in pkce.go file

// S256ChallengeOption derives a PKCE code challenge derived from verifier with
// method S256. It should be passed to Config.AuthCodeURL or Config.DeviceAccess
// only.
func S256ChallengeOption(verifier string) AuthCodeOption {
	return challengeOption{
		challenge_method: "S256",
		challenge:        S256ChallengeFromVerifier(verifier),
	}
}

EPoikans avatar Aug 10 '24 18:08 EPoikans