refactor: cleanup use of checkPKCE

panva · Jan 8, 2023 · 864cf94 · 864cf94
1 parent 67e208e
commit 864cf94
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 3 deletions.
diff --git a/lib/actions/authorization/check_pkce.js b/lib/actions/authorization/check_pkce.js
@@ -29,8 +29,7 @@ export default function checkPKCE(ctx, next) {
     }
   }
 
-  // checking for response_type presence disables the need for PKCE for device_code grant
-  if (typeof params.response_type === 'string' && params.response_type.includes('code')) {
+  if (params.response_type.includes('code')) {
     if (
       !params.code_challenge
       && (

diff --git a/lib/actions/authorization/index.js b/lib/actions/authorization/index.js
@@ -169,7 +169,7 @@ export default function authorizationAction(provider, endpoint) {
   use(() => checkOpenidScope.bind(undefined, allowList),    A, DA,            PAR, BA);
   use(() => checkRedirectUri,                               A,                PAR    );
   use(() => checkWebMessageUri,                             A,                PAR    );
-  use(() => checkPKCE,                                      A, DA,            PAR    );
+  use(() => checkPKCE,                                      A,                PAR    );
   use(() => checkClaims,                                    A, DA,            PAR, BA);
   use(() => checkMaxAge,                                    A, DA,            PAR, BA);
   use(() => checkRequestedExpiry,                                                  BA);