Add pkce essential per client

[nsklikas]

This allows us to have pkce(essential) activated for only some clients

[peppelinux]

It looks good, I Just want to ask to you to put a brief description of this feature in the docs

Probably this Is good Moment to review the general policy of oidc-op with pkce, before merging this

[nsklikas]

What is the right place to document this?

[peppelinux]

https://github.com/IdentityPython/oidc-op/blob/master/docs/source/contents/conf.rst#add_on

What do you think to have a separate section for add_ons?

[nsklikas]

Sure

[nsklikas]

Do you think something like this https://github.com/nsklikas/oidc-op/blob/pkce-per-client/docs/source/contents/conf.rst#pkce ok?

[peppelinux]

Yes, that's great!
I have to be honest, I'd wait some days before having a new roadmap for the next release, including all these precious PRs.

For now I'd like to have all the PR with some good contributions in the docs as well.
You made a great job, after these days of vacation we'll have a new release

[peppelinux]

essential = endpoint_context.args["pkce"].get("essential", False)

@nsklikas how does it sounds to you?

[nsklikas]

It's set in https://github.com/IdentityPython/oidc-op/pull/115/files#diff-60c1d62c690192be5964946a0883424948797ac8682e8ef94d9a59a6c8414d82L135, so it will always be there.

Should I remove that line and add the get?

[peppelinux]

Not so important neither urgent, only if it sounds good to you.
Yes explicit is better than implicit but an absent value (boolan) could be False by default.
That's my tastes, not mandatory for this project!

[rohe]

I guess the

essential = essential = endpoint_context.args["pkce"].get(

line is a typo ?
Shouldn't it be just

essential = endpoint_context.args["pkce"].get(

[nsklikas]

Good catch.

[peppelinux]

@rohe do we think that this could be merged as It Is or do we have to put something more in?

[rohe]

I think we can go ahead with this as it is.