Support authorization code grant without client_secret #5
Comments
timgates42
added a commit
to iress/OAuth2Client
that referenced
this issue
Sep 3, 2022
Addresses issue antechrestos#5 which seems to be the only missing piece to get PKCE authentication working with Okta PKCE auth for a native application deployment.
timgates42
added a commit
to iress/OAuth2Client
that referenced
this issue
Sep 3, 2022
Addresses issue antechrestos#5 which seems to be the only missing piece to get PKCE authentication working with Okta PKCE auth for a native application deployment.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi Benjamin,
This library looks super useful, especially for the handling of the loopback redirect server!
Currently though omitting the
client_secretin theServiceInformationconstructor results in the following error:As I understand it the
client_secretis not applicable in the case of a public client/application because they cannot hold credentials securely.I may be missing something here, but it would be great if there were support for the authorization code grant without the
client_secret.Also +1 for Authorization Code Grant Flow with PKCE support!
Thanks
The text was updated successfully, but these errors were encountered: