Closed NickMeves closed 2 years ago
PKCE*
I could look at adding this support. Could you point me to where oauth2-proxy tests run against this mockoidc server?
Yeah, agreed, this would be good to get in. For now, in this test I just wrote a middleware that returned a discovery document pretending to support to code algorithms, so we have a test; it's just not ideal. If we want to do more thorough testing with this package, I think it would be good to have actual support within the mockoidc provider.
I looked over the code to remind myself of the architecture again (it's been a while):
Looks like session.go is the ideal spot to store the challenge code & method, with the Authorize and Token calls under handlers being the spots to handle the 2 ends of the flow (assuming I'm remembering PKCE right).
@JoelSpeed - I think you mentioned you had a PR or 2 integrating this into a few of our provider unit tests?
This might be good to think about support for @braunsonm's PR adding PKCE support specifically to OIDC providers.
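The two ends of the flow discussed in this thread, as an added example that is not mockoidc's or oauth2-proxy's code: the authorize step stores the challenge and method with the session, and the token step checks the `code_verifier` against them per RFC 7636. The names `pkceSession`, `sessions`, `authorize` and `redeem` are hypothetical; the sample verifier and challenge are the RFC 7636 Appendix B values.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"encoding/base64"
	"errors"
	"fmt"
)

type pkceSession struct{ challenge, method string } // hypothetical, not mockoidc's Session

var sessions = map[string]pkceSession{} // hypothetical store keyed by authorization code

// authorize models the authorization endpoint; a missing method means "plain" (RFC 7636 4.3).
func authorize(code, challenge, method string) error {
	if challenge != "" && method == "" {
		method = "plain"
	}
	if challenge != "" && method != "plain" && method != "S256" {
		return errors.New("invalid_request: unsupported code_challenge_method")
	}
	sessions[code] = pkceSession{challenge, method}
	return nil
}

// redeem models the token endpoint: recompute the challenge, compare in constant time.
func redeem(code, verifier string) error {
	s, ok := sessions[code]
	if !ok {
		return errors.New("invalid_grant: unknown code")
	}
	delete(sessions, code) // authorization codes are single use
	if s.challenge == "" {
		return nil // client did not use PKCE on the authorize request
	}
	computed := verifier
	if s.method == "S256" {
		sum := sha256.Sum256([]byte(verifier))
		computed = base64.RawURLEncoding.EncodeToString(sum[:])
	}
	if verifier == "" || subtle.ConstantTimeCompare([]byte(computed), []byte(s.challenge)) != 1 {
		return errors.New("invalid_grant: code_verifier mismatch")
	}
	return nil
}

func main() {
	_ = authorize("code-1", "E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM", "S256")
	fmt.Println(redeem("code-1", "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk")) // <nil>
}
```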