[Question] - Authenticator for authorization code

[morrowyn]

Hi,

I'm trying to use your library. The example code uses an Authenticator which uses the implicit flow. However I'm trying to use the authorization code with pkce, but I can't seem to configure the Authenticator for such usage. The documentation is also unclear on this part on how to set it up.

Regards,

[rbellens]

have you checked out the flutter example in the example directory?

[morrowyn]

Yes, I have, you initiate an openid_client and for every browser Authenticator that needs a Flow, you default to an implicit flow. See https://github.com/appsup-dart/openid_client/blob/c899185b3d61b4774bde604baf59544a7e965bca/lib/openid_client_browser.dart#L39

and https://github.com/appsup-dart/openid_client/blob/master/example/flutter_example/lib/openid_browser.dart

And there is no clear documentation on how to setup a browser client using authorization code with pkce. Maybe I'm missing something, but if you can point out (url or files) where I need to look to set it up, that would be helpful.

[rbellens]

The Authenticator class is merely a wrapper around Flow that handles some common use cases, but it is not necessary to use it. It indeed does not handle pkce on browser. Implementing this should be fairly easy by creating a Flow.authorizationCodeWithPKCE and implementing your own authorize function.

Feel free to add this to the Authenticator class and send a pull request.