Support Authorization Code Flow with PKCE about generic-oauth2 HOT 9 CLOSED

OauthSwift 1.3.0 was released today. :)

from generic-oauth2.

Note that OAuthSwift added support for PKCE OAuthSwift/OAuthSwift#501 (comment)

from generic-oauth2.

For code response type PKCE will be enabled by default because it's the most common use case for code.

A additional option will allow disabling this default behaviour.

For this task the challenge itself and the method is set by the plugin, depending on the platform the method is plain (web) or S256 (Android, iOS).

In any case the challenge and the method along is return in the response parameters so users can store it as it suites them.

from generic-oauth2.

https://developer.okta.com/authentication-guide/implementing-authentication/auth-code-pkce
https://developer.okta.com/authentication-guide/auth-overview/#authorization-code-with-pkce-flow

from generic-oauth2.

This does not include having to use the app secret, which will not be supported because of security reasons.

from generic-oauth2.

While looking deeply into Facebook's SDK I think as soon as PKCE is supported also FB might be supported out of the box

from generic-oauth2.

iOS: OAuthSwift with PKCE is not released yet!
Android: appAuth supports PKCE
Web: own impl will support it as well ;)

from generic-oauth2.

Althougth it might be easier for me as plugin developer to leave everything to the user but as a user I don't want to do PKCE myself. So I most probably introduce 1-2 dependencies to the web part and let the plugin handle everything.

from generic-oauth2.

As mentioned above PKCE is enabled by default if code flow is used.

To disable PKCE set the new option pkceDisabled to true.

Note: I tested PKCE only with Google OAuth provider, which does not require the usage of PKCE and works with and without it.

@mraible Could you please test this with your provider (okta) and give me a feedback. Do you need #18 as well to make it work? If not I would release the pkce feature right away ;)

from generic-oauth2.