search

Dan6erbond / sk-auth

Authentication library for use with SvelteKit featuring built-in OAuth providers and zero restriction customization!
MIT License
578 stars 70 forks source link

Question / Feature Request: Support for PKCE / RFC 7636: Proof Key for Code Exchange #80

Open ar4hc opened 2 years ago

ar4hc commented 2 years ago

Is this already somewhere or planned...?

PKCE (RFC 7636) is an extension to the Authorization Code flow to prevent CSRF and authorization code injection attacks.

see https://oauth.net/2/pkce/