search

vert-x3 / vertx-web

HTTP web applications for Vert.x
Apache License 2.0
1.11k stars 536 forks source link

Fix typo in error mesage regarding the oauth2 pkce length #2623

Closed fbuetler closed 5 months ago

fbuetler commented 5 months ago

Motivation:

There is a typo in the error message regarding the minium required length of the PKCE in Oauth2. Correct is 43:

NOTE: The code verifier SHOULD have enough entropy to make it impractical to guess the value. It is RECOMMENDED that the output of a suitable random number generator be used to create a 32-octet sequence. The octet sequence is then base64url-encoded to produce a 43-octet URL safe string to use as the code verifier.

(Source: https://www.rfc-editor.org/rfc/inline-errata/rfc7636.html)

tsegismont commented 5 months ago

Would you mind creating the same PR for the 4.x branch?

fbuetler commented 5 months ago

@tsegismont please see https://github.com/vert-x3/vertx-web/pull/2627