Commit 0d0ac591 authored by ntome's avatar ntome Committed by Romain Bignon

OAuth2PKCEMixin: follow RFC 7636 on code_challenge generation

Hex-digest was required for some buggy site fixed since then
parent 7c3720f4
......@@ -1071,8 +1071,8 @@ class OAuth2PKCEMixin(OAuth2Mixin):
return base64.urlsafe_b64encode(os.urandom(bytes_number)).rstrip(b'=')
def code_challenge(self, verifier):
digest = sha256(verifier).hexdigest()
return base64.urlsafe_b64encode(digest)
digest = sha256(verifier).digest()
return base64.urlsafe_b64encode(digest).rstrip(b'=')
def build_authorization_parameters(self):
return {'redirect_uri': self.redirect_uri,
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment