handler: Adds PKCE implementation for none and S256 #246

Merged
merged 2 commits into from
Feb 7, 2018


@aeneasr aeneasr commented Feb 6, 2018

This change adds PKCE support for methods none and S256 and adds it per default to the composer with forced PKCE and method none disallowed. These settings can be configured using compose.Config.AllowPublicAuthCodeFlowWithoutPKCE and compose.Config.EnablePKCEPlainChallengeMethod.

Closes #213

To do:

  • Add integration tests for public clients using PKCE
  • Add integration tests for public clients without PKCE

@aeneasr aeneasr added the feat New feature or request. label Feb 6, 2018
@aeneasr aeneasr self-assigned this Feb 6, 2018

coveralls commented Feb 7, 2018

Coverage increased (+0.7%) to 85.525% when pulling 59e89c9 on add-pkce into b94312e on master.

@aeneasr aeneasr merged commit 4512853 into master Feb 7, 2018
@aeneasr aeneasr deleted the add-pkce branch February 7, 2018 10:00
budougumi0617 added a commit to budougumi0617/fosite that referenced this pull request May 10, 2019
This patch adds support for PKCE (https://tools.ietf.org/html/rfc7636) which is used by native apps (mobile) and prevents eavesdropping attacks against authorization codes.

PKCE is enabled by default but not enforced. Challenge method plain is disabled by default. Both settings can be changed using `compose.Config.EnforcePKCE` and `compose.config.EnablePKCEPlainChallengeMethod`.

Closes ory#213
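
The token-endpoint check that the two settings discussed in this thread govern, written as an added example for readers; it is not fosite's code. `Policy`, its field names, `S256Challenge` and `VerifyPKCE` are hypothetical, and rejecting a verifier that arrives for a code issued without a challenge is an assumption added here as a downgrade guard.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"encoding/base64"
	"fmt"
)

// Policy holds the two toggles discussed above (hypothetical field names).
type Policy struct {
	EnforcePKCE bool // reject token requests whose code had no code_challenge
	AllowPlain  bool // accept code_challenge_method=plain
}

// S256Challenge returns BASE64URL(SHA256(verifier)) without padding.
func S256Challenge(verifier string) string {
	sum := sha256.Sum256([]byte(verifier))
	return base64.RawURLEncoding.EncodeToString(sum[:])
}

// VerifyPKCE reports whether the token request's verifier matches the
// challenge and method stored with the authorization code.
func VerifyPKCE(p Policy, challenge, method, verifier string) bool {
	if challenge == "" {
		// Code issued without PKCE: allowed only when PKCE is not enforced,
		// and never when a verifier shows up anyway (downgrade guard).
		return !p.EnforcePKCE && verifier == ""
	}
	if len(verifier) < 43 || len(verifier) > 128 {
		return false // RFC 7636 verifier length bounds
	}
	expected := verifier // plain: challenge equals verifier
	switch {
	case method == "S256":
		expected = S256Challenge(verifier)
	case (method == "" || method == "plain") && p.AllowPlain:
		// an omitted method means plain
	default:
		return false
	}
	return subtle.ConstantTimeCompare([]byte(expected), []byte(challenge)) == 1
}

func main() {
	v := "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk" // RFC 7636 Appendix B
	fmt.Println(S256Challenge(v), VerifyPKCE(Policy{}, S256Challenge(v), "S256", v))
}
```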