Add support for public clients and PKCE

Created on 15 November 2024, about 1 month ago

Problem/Motivation

Social Auth currently only supports OAuth2 for private clients with a client ID and secret key. Public clients using Proof Key for Code Exchange (PKCE) use only a public client ID and no secret key.

Proposed resolution

Add support for getting and setting a PKCE code that can be used by the underlying OAuth2 client for code challenge and verification.

Remaining tasks

Create and merge a PR.

API changes

Add a new uses_public_client_id option to the network plugin configuration. Implementers can use this option to indicate their client uses a public Client ID and does not require a secret key,

📌 Task

Status

Active

Version

4.2

Component

Code

Created by

🇺🇸United States wells Seattle, WA

Live updates comments and jobs are added and updated live.

Merge Requests

!33Add support for public clients and PKCE
Merged
🇺🇸United States wells
updated about 1 month ago

Comments & Activities

Issue created by @wells
Merge request !33Add public client ID and PKCE support → (Merged) created by wells
Pipeline finished with Skipped
about 1 month ago
#339316
Comment about 1 month ago →
System Message

wells → committed abcdd2e4 on 4.2.x
Issue #3487650 by wells: Add support for public clients and PKCE
Comment about 1 month ago →
🇺🇸United States wells Seattle, WA
Comment 20 days ago →
System Message
Automatically closed - issue fixed for 2 weeks with no activity.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024