The above configuration works and it is sending me a code for my backend to authenticate the user.
What I am trying to do is to implement the "code_challenge" outlined in this Google Documentation for better security. So I set in the code_challenge parameters inside additionalParameters.
But when I tried to verify the code in the backend, the google authentication server sents be this {"error": "invalid_grant", "error_description": "code_verifier or verifier is not needed."} which I have no idea whether it is a bug on Google's side or due to me not setting the parameters correctly.
When I inspect the response after running OAuth2Client.authenticate(), the additionalParameters under request key is {}. and also the code_challenge parameter is not found in any part of the response. So I am wondering if the code_challenge is sent to Google, or have I put in the code_challenge parameter in the wrong place?
Capacitor version:
2.4.6
Library version:
OAuth Provider:
Your Plugin Configuration
Affected Platform(s):
Current Behavior
The above configuration works and it is sending me a code for my backend to authenticate the user.
What I am trying to do is to implement the "code_challenge" outlined in this Google Documentation for better security. So I set in the
code_challenge
parameters insideadditionalParameters
.But when I tried to verify the code in the backend, the google authentication server sents be this
{"error": "invalid_grant", "error_description": "code_verifier or verifier is not needed."}
which I have no idea whether it is a bug on Google's side or due to me not setting the parameters correctly.When I inspect the response after running OAuth2Client.authenticate(), the
additionalParameters
underrequest
key is{}
. and also thecode_challenge
parameter is not found in any part of the response. So I am wondering if thecode_challenge
is sent to Google, or have I put in thecode_challenge
parameter in the wrong place?