adding additional clarification on PKCE parameters

oauthlib · Oct 29, 2021 · 08686da · 08686da
1 parent cb484ff
commit 08686da
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 7 deletions.
diff --git a/oauthlib/oauth2/rfc6749/clients/base.py b/oauthlib/oauth2/rfc6749/clients/base.py
@@ -103,13 +103,13 @@ def __init__(self, client_id,
         :param state_generator: A no argument state generation callable. Defaults
         to :py:meth:`oauthlib.common.generate_token`.
 
-        :param code_verifier: A cryptographically random string that is used to correlate the
+        :param code_verifier: PKCE parameter. A cryptographically random string that is used to correlate the
         authorization request to the token request.
 
-        :param code_challenge: A challenge derived from the code verifier that is sent in the
+        :param code_challenge: PKCE parameter. A challenge derived from the code verifier that is sent in the
         authorization request, to be verified against later.
 
-        :param code_challenge_method: A method that was used to derive code challenge.
+        :param code_challenge_method: PKCE parameter. A method that was used to derive code challenge.
         Defaults to "plain" if not present in the request.
         """
 

diff --git a/oauthlib/oauth2/rfc6749/parameters.py b/oauthlib/oauth2/rfc6749/parameters.py
@@ -45,10 +45,11 @@ def prepare_grant_uri(uri, client_id, response_type, redirect_uri=None,
                   back to the client.  The parameter SHOULD be used for
                   preventing cross-site request forgery as described in
                   `Section 10.12`_.
-    :param code_challenge: A challenge derived from the code verifier that is sent in the
-                           authorization request, to be verified against later.
-    :param code_challenge_method: A method that was used to derive code challenge.
-                                  Defaults to "plain" if not present in the request.
+    :param code_challenge: PKCE paramater. A challenge derived from the 
+                           code_verifier that is sent in the authorization 
+                           request, to be verified against later.
+    :param code_challenge_method: PKCE parameter. A method that was used to derive the 
+                                  code_challenge. Defaults to "plain" if not present in the request.
     :param kwargs: Extra arguments to embed in the grant/authorization URL.
 
     An example of an authorization code grant authorization URL: