Support authorization code grant w/ PKCE #41
Comments
|
I'm glad you brought this up however I want to give this a bit more thought than what you're currently proposing. This lib was originally written before the implicit grant became "legacy" (see here for context) so really what this lib should do is now fully support the authorization code grant more formally vs utilizing a hook. I'll try to get something out by end of week. |
|
@ricokahler thank you for your quick & very interesting reply! I would be happy to help. Looking at the details, it really looks like the flow just needs to have an optional "getToken" function after the initial flow to convert code => token, and an optional "refreshToken" if available. Can I help? |
ricokahler
changed the title
|
@ricokahler any changes in this matter? Does the library support |
|
@filipkowal no this lib was built primarily for the implicit grant but i understand that that's no longer recommended. i'm a bit busy with a few other projects so if you would like to implement this, i am accepting PRs! |
Some authentication services return a "code" as part of the OAuth flow and that eventually needs to be converted into a full token. It'd be great to be able to use afterResponse to perform an API request to convert the temporary code into the token?
The text was updated successfully, but these errors were encountered: