kratos icon indicating copy to clipboard operation
kratos copied to clipboard
verified publisher icon ory

feat: add support for Proof Key For Code Exchange (PKCE) in OIDC social providers

Open OskarsPakers opened this issue 1 year ago • 1 comments

Adds support for Proof Key For Code Exchange (PKCS) in OIDC social providers according to rfc7636 https://datatracker.ietf.org/doc/html/rfc7636

Related issue(s)

#4009

Checklist

  • [x] I have read the contributing guidelines.
  • [x] I have referenced an issue containing the design document if my change introduces a new feature.
  • [x] I am following the contributing code guidelines.
  • [x] I have read the security policy.
  • [x] I confirm that this pull request does not address a security vulnerability. If this pull request addresses a security vulnerability, I confirm that I got the approval (please contact [email protected]) from the maintainers to push the changes.
  • [x] I have added tests that prove my fix is effective or that my feature works.
  • [x] I have added or changed the documentation.

Further Comments

Supports methods s256 and plain. AuthCodeURLOptions method signature does not return err, therefore can`t return an error. Should we change the signature of the method and lift the functionality up to the strategy code?

OskarsPakers avatar Aug 13 '24 09:08 OskarsPakers

CLA assistant check
All committers have signed the CLA.

CLAassistant avatar Aug 13 '24 09:08 CLAassistant

Closing this one as it seems to be continued in https://github.com/ory/kratos/pull/4033

OskarsPakers avatar Sep 04 '24 07:09 OskarsPakers