From 99812e0b8e74edd70272f846297b144cdde46282 Mon Sep 17 00:00:00 2001
From: Timo Volkmann <34778004+moximoti@users.noreply.github.com>
Date: Mon, 13 Sep 2021 13:56:38 +0200
Subject: [PATCH] pkce: encode code verifier with base64 without padding

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
---
 pkg/client/rp/relaying_party.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/client/rp/relaying_party.go b/pkg/client/rp/relaying_party.go
index a72fa21..669a910 100644
--- a/pkg/client/rp/relaying_party.go
+++ b/pkg/client/rp/relaying_party.go
@@ -289,7 +289,7 @@ func AuthURLHandler(stateFn func() string, rp RelyingParty) http.HandlerFunc {
 
 //GenerateAndStoreCodeChallenge generates a PKCE code challenge and stores its verifier into a secure cookie
 func GenerateAndStoreCodeChallenge(w http.ResponseWriter, rp RelyingParty) (string, error) {
-	codeVerifier := base64.URLEncoding.EncodeToString([]byte(uuid.New().String()))
+	codeVerifier := base64.RawURLEncoding.EncodeToString([]byte(uuid.New().String()))
 	if err := rp.CookieHandler().SetCookie(w, pkceCode, codeVerifier); err != nil {
 		return "", err
 	}