mirror/oidc
1
0
Fork 0
mirror of https://github.com/zitadel/oidc.git synced 2026-05-12 13:48:27 -05:00
Code Issues Packages Projects Releases Wiki Activity

feat(op): PKCE Verification in Legacy Server when AuthMethod is not NONE and CodeVerifier is not Empty (#496)

Browse Source 
* add logic for legacy server pkce verification when auth method is not None, and code verifier is not empty.

* update per Tim's direction
This commit is contained in:
Stephen Andary
2023-12-07 10:36:03 -05:00
committed by GitHub
parent ed21cdd4ce
commit 9d12d1d900
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pkg/op/server_legacy.go
+1 -1
View File
@@ -205,7 +205,7 @@ func (s *LegacyServer) CodeExchange(ctx context.Context, r *ClientRequest[oidc.A
if err != nil {
return nil, err
}
if r.Client.AuthMethod() == oidc.AuthMethodNone {
if r.Client.AuthMethod() == oidc.AuthMethodNone || r.Data.CodeVerifier != "" {
if err = AuthorizeCodeChallenge(r.Data.CodeVerifier, authReq.GetCodeChallenge()); err != nil {
return nil, err
}