Add support for PKCE for connected services #193
Labels
cooldown
Issues to be tackled during cooldown
Comments
This was referenced May 17, 2024
leafty
added a commit
that referenced
this issue
May 29, 2024
Fixes #193, fixes #210. Add PKCE support and store `next_url` in the database. * PKCE support is indicated by a new field, `use_pkce`, added to OAuth2 Clients. Note that only GitLab providers can support PKCE for now. * Stores the `next_url` parameter in the database instead of passing it around as a query parameter. This allows final redirects to be customized for GitHub which does not allow extra query parameters.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently PKCE is not supported but the authlib library we use should easily support PKCE.
This is the library docs page: https://docs.authlib.org/en/latest/index.html
And I think that the way to use PKCE is described here: https://docs.authlib.org/en/latest/client/oauth2.html#add-pkce-for-authorization-code
The text was updated successfully, but these errors were encountered: