providers/oauth2: revert PKCE requirement for public clients
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
parent
175502b053
commit
cfa2edebcf
@ -260,9 +260,6 @@ class OAuthAuthorizationParams:
|
|||
self.state,
|
||||
f"Unsupported challenge method {self.code_challenge_method}",
|
||||
)
|
||||
if self.provider.client_type == ClientTypes.PUBLIC and not self.code_challenge:
|
||||
LOGGER.warning("Public clients require PKCE", client_id=self.provider.client_id)
|
||||
raise AuthorizeError(self.redirect_uri, "invalid_request", self.grant_type, self.state)
|
||||
|
||||
def create_code(self, request: HttpRequest) -> AuthorizationCode:
|
||||
"""Create an AuthorizationCode object for the request"""
|
||||
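Review bot: With the `ClientTypes.PUBLIC and not self.code_challenge` check removed (reading the three PKCE lines as the deleted ones, which the title and the 9-to-6 line counts indicate), nothing visible here stops a public client from running the authorization-code flow with no code challenge. A public client holds no secret, so PKCE is the only thing binding the token request to the party that started the authorization request; RFC 9700 requires it for public clients. If the revert is needed for compatibility, consider keeping the detection without the rejection: retain the `if self.provider.client_type == ClientTypes.PUBLIC and not self.code_challenge:` guard with only the `LOGGER.warning(...)` line and drop the `raise`, so operators can see which clients still lack PKCE. A short comment recording why enforcement was dropped, and whether it is meant to return as a per-provider option, would also help. The enclosing method starts above the hunk, so any remaining PKCE handling further up is not visible from here.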