search

p2 / OAuth2

OAuth2 framework for macOS and iOS, written in Swift.
Other
1.14k stars 276 forks source link

How to enable PKCE? #332

Closed BryanVision closed 4 years ago

BryanVision commented 4 years ago

re: pod 'p2.OAuth2', '~> 4.2'

The documentation says,

PKCE support is controlled by the useProofKeyForCodeExchange property, and the use_pkce key in the settings dictionary. It is disabled by default. When enabled, a new code verifier string is generated for every authorization request.

I have added:

let oauth2 = OAuth2CodeGrant(settings: [ "client_id": clientID, "client_secret": clientSecret, "authorize_uri": "https://api.redacted.com/oauth/authorize", "token_uri": "https://api.redacte4d.com/oauth/token", // code grant only "redirect_uris": [redirectURL], "scope": scope, "secret_in_body": false, "keychain": false, "use_pkce": true, ] as OAuth2JSON)

I have no idea where I'm supposed to use "useProofKeyForCodeExchange" and when I search the pod's code I can't find either useProofKeyForCodeExchange or use_pkce referenced anywhere.

ossus-lib commented 4 years ago

PKCE support has been added in 5.1.1. Cocoapods support has been dropped in version 5, you can use SPM to add OAuth2, see https://github.com/p2/OAuth2#installation .