openam-jp / openam


The "code_challenge_methods_supported" parameter doesn't exist in the .well-known endpoint #263

Open ogis-song opened 1 year ago

ogis-song commented 1 year ago

Description

The "code_challenge_methods_supported" parameter does not exist in the OpenAM .well-known endpoint (/sso/oauth2/.well-known/openid-configuration). The definition of the "code_challenge_methods_supported" parameter must follow the code_challenge_method specification in RFC 7636.

Solution

In the part where the content of the .well-known endpoint is created, make "code_challenge_methods_supported" return a fixed value (plain and S256).

File: openam-oauth2\src\main\java\org\forgerock\openidconnect\restlet\OpenIDConnectConfiguration.java

References

RFC 7636 - Proof Key for Code Exchange by OAuth Public Clients https://datatracker.ietf.org/doc/html/rfc7636#section-4.2
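
As an added illustration (not part of the issue and not OpenAM code), the sketch below shows how a client that reads the discovery document picks a PKCE method, and why a missing "code_challenge_methods_supported" leaves it with none. The two discovery documents, the `openam.example.com` host and the function names are constructed for this example.

```python
import base64
import hashlib
import json
import re

# RFC 7636 section 4.1: 43-128 characters from the unreserved set.
VERIFIER_RE = re.compile(r"^[A-Za-z0-9\-._~]{43,128}$")

# Constructed discovery documents (sample data, not captured from a real server).
DOC_WITHOUT_PKCE = json.loads("""{
  "issuer": "https://openam.example.com/sso/oauth2",
  "response_types_supported": ["code"]
}""")
DOC_WITH_PKCE = json.loads("""{
  "issuer": "https://openam.example.com/sso/oauth2",
  "response_types_supported": ["code"],
  "code_challenge_methods_supported": ["plain", "S256"]
}""")


def code_challenge(verifier, method):
    """Derive code_challenge from code_verifier (RFC 7636 section 4.2)."""
    if not VERIFIER_RE.match(verifier):
        raise ValueError("code_verifier violates RFC 7636 section 4.1")
    if method == "plain":
        return verifier
    if method == "S256":
        digest = hashlib.sha256(verifier.encode("ascii")).digest()
        # BASE64URL encoding without '=' padding
        return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")
    raise ValueError("unknown code_challenge_method: " + method)


def select_pkce_method(metadata):
    """Return the strongest advertised method, or None if none is advertised."""
    advertised = metadata.get("code_challenge_methods_supported")
    if not isinstance(advertised, list):
        return None  # absent or malformed: a metadata-driven client sees no PKCE
    for method in ("S256", "plain"):  # prefer S256 over plain
        if method in advertised:
            return method
    return None


if __name__ == "__main__":
    for name, doc in (("without", DOC_WITHOUT_PKCE), ("with", DOC_WITH_PKCE)):
        print(name, "->", select_pkce_method(doc))
```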