Closed mamico closed 1 month ago
ILGTM
I believe that also the code snippet contained in the main documentation should be aligned to this PR https://github.com/italia/spid-cie-oidc-docs/blob/a65aa1a6ccc2bf03d8c18dd8df2ee22ec2613316/static/pkce.py#L6
In the current implementation,
code_verifier
can exceed the length limits defined in the specification (43-128) because, once the byte string of the correct length is defined, it is base64 encoded to comply with the accepted character constraint, which increases its length.An alternative implementation, as in: https://github.com/RomeoDespres/pkce/blob/master/pkce/__init__.py#L19 could be