cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

pkce: encode code verifier with base64 without padding

Browse source 
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
This commit is contained in:
Timo Volkmann 2021-09-13 13:56:38 +02:00 committed by GitHub
parent af3a497b6d
commit 99812e0b8e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
pkg/client/rp/relaying_party.go
View file

@ -289,7 +289,7 @@ func AuthURLHandler(stateFn func() string, rp RelyingParty) http.HandlerFunc {
//GenerateAndStoreCodeChallenge generates a PKCE code challenge and stores its verifier into a secure cookie //GenerateAndStoreCodeChallenge generates a PKCE code challenge and stores its verifier into a secure cookie
func GenerateAndStoreCodeChallenge(w http.ResponseWriter, rp RelyingParty) (string, error) { func GenerateAndStoreCodeChallenge(w http.ResponseWriter, rp RelyingParty) (string, error) {
codeVerifier := base64.URLEncoding.EncodeToString([]byte(uuid.New().String())) codeVerifier := base64.RawURLEncoding.EncodeToString([]byte(uuid.New().String()))
if err := rp.CookieHandler().SetCookie(w, pkceCode, codeVerifier); err != nil { if err := rp.CookieHandler().SetCookie(w, pkceCode, codeVerifier); err != nil {
return "", err return "", err
} }