react-simple-auth icon indicating copy to clipboard operation
react-simple-auth copied to clipboard

Published 20 hours ago verified publisher icon mattmazzola

Support Authorization Code Grant

Open flyfishMT opened this issue 5 years ago • 1 comments

Thanks for the great work. I have a Feature Request - I don't think it would take too much to support Authorization Code Grant with a Public Client (no client secret). This seems to be recommended more these days over implicit for Single Page Apps. Also, it would give the opportunity to implement a refresh token. Thanks

flyfishMT avatar Jul 15 '19 22:07 flyfishMT

Here are some supporting docs -

  • https://medium.com/@robert.broeckelmann/securely-using-the-oidc-authorization-code-flow-and-a-public-client-with-single-page-applications-55e0a648ab3a
  • https://developer.okta.com/blog/2019/08/22/okta-authjs-pkce

I'd be interested in submitting a PR, but would like some guidance and where to the HTTP calls would live, what HTTP library to use, etc.

flyfishMT avatar Aug 23 '19 20:08 flyfishMT