search

adfinis / ember-simple-auth-oidc

ember-simple-auth authenticator for the OpenID Connect standard
GNU Lesser General Public License v3.0
22 stars 18 forks source link

Can we add PKCE? #292

Closed wuarmin closed 1 year ago

wuarmin commented 4 years ago

Hello, thanks for this addon. It is great.

For ember apps Authorization Code Flow with PKCE is recommended. Would it be possible to add support for it?

Best regards

bjornharrtell commented 4 years ago

@wuarmin that is what is supported.

wuarmin commented 4 years ago

@bjornharrtell thank you, are you sure? https://oauth.net/2/pkce/ It's an addition to Authorization Code Flow. I cannot find something related in code.

bjornharrtell commented 4 years ago

@wuarmin I'm not 100% sure but I'm successfully using it with two different IdPs that offer Authorization Code Flow with PKCE. As there is no client secret I assumed it would not work if it didn't properly support Authorization Code Flow with PKCE.

turbcool commented 3 years ago

Authorization with PKCE does not work for me (I use IdentityServer4)

bjornharrtell commented 3 years ago

agreed I was mistaken, PKCE is not implemented in this addon (yet)

derrabauke commented 1 year ago

Closing this, as PKCE is implemented. Please open a new issue if PKCE does not work out for you.