openid-connect-generic

The mandatory 'code_challenge' parameter is missing.

Open elfico opened this issue 2 years ago • 4 comments

Describe the bug

After configuring all settings, when the login button is clicked, I get the error:

error:invalid_request
error_description:The mandatory 'code_challenge' parameter is missing.
error_uri:https://documentation.openiddict.com/errors/ID2029

Even after removing the PKCE requirement, the error still persists.

To Reproduce

Steps to reproduce the behavior:

  1. Configure plugin with all necessary parameters.
  2. Try login on the login page.

Expected behavior

The login page should be loaded.

Isolating the problem (mark completed items with an [x]):

  • [ ] I can reproduce this bug consistently using the steps above.

WordPress Environment

  • Website URL: https://www.wellahealth.com/community
  • PHP Version: 7.4.25
  • WordPress Version: 5.9.3
  • Plugin Version: Version 3.9.0
  • Identity Provider: Custom OpenIdConnect provider. (uses OpenIddict)
  • Relevant Plugin Settings:

elfico, Apr 22 '22 15:04

I just realized the issue is because the auth server requires that the client use PKCE. Is there any way to enforce this on the plugin?

elfico, Apr 23 '22 07:04

So the plugin doesn't currently support PKCE; this was reported/requested a while ago. https://github.com/oidc-wp/openid-connect-generic/issues/208

There is a link to an addon that someone developed in the comments on that issue to add PKCE support. I have not validated, nor do we necessarily endorse, that addon but it is a possible solution until we get that built in.

timnolte, Apr 23 '22 11:04

Thanks @timnolte, I would check the plugin. How do I install a plugin though? There seems to be no documentation on installation. Would really appreciate the help. Thanks

elfico, Apr 23 '22 14:04

@elfico you can download the required addon file directly from here: https://raw.githubusercontent.com/BeAPI/openid-connect-generic-pkce-addon/main/openid-connect-generic-pkce-addon.php

Once you have that file downloaded you should upload it to your website into the wp-content/mu-plugins directory.

timnolte, Apr 23 '22 14:04