Closed aaronpk closed 3 years ago
~Currently adding this to tonyburns.net via Singulus (https://github.com/craftyphotons/singulus/tree/pkce and https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-PKCE-flow)~
Turns out this was trivial to implement with Doorkeeper for Singulus and was just a matter of adding the columns for it in the grants table.
This was discussed at the IndieAuth Popup Session, and the outcome of the discussion was:
PKCE is very useful, especially for clients that don't have a client secret, which is all IndieAuth clients. We should include this in the spec so that every IndieAuth client and server does PKCE by default.