Change from:
session = OAuth2Session(client_id)
to
session = OAuth2Session(app.client_id, pkce="S256")
And be sure to reuse the same session for fetch_token, as it will need to remember code_verifier. It is not really practical beyond PoC, so any suggestions are welcome.
coverage: 90.406% (-0.2%) from 90.584%
when pulling 596beb59c47849c1c9da427370faf3a62fa2be19 on pkce
into 424adf0d7906828ccf91fb2b228c3480cec91054 on master.
Since oauthlib 3.2.0 now supports PKCE for Clients (https://github.com/oauthlib/oauthlib/releases/tag/v3.2.0), this PR proposes a first implementation . Any feedbacks are welcome, I'm not sure it is production ready yet.
Change from:
session = OAuth2Session(client_id)
tosession = OAuth2Session(app.client_id, pkce="S256")
And be sure to reuse the same session for fetch_token, as it will need to remember code_verifier. It is not really practical beyond PoC, so any suggestions are welcome.