trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

providers/oauth2: revert PKCE requirement for public clients 

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens Langhammer 2023-02-21 23:51:27 +01:00
parent 175502b053
commit cfa2edebcf
No known key found for this signature in database
1 changed files with 0 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
authentik/providers/oauth2/views/authorize.py
View File

@ -260,9 +260,6 @@ class OAuthAuthorizationParams:
self.state, self.state,
f"Unsupported challenge method {self.code_challenge_method}", f"Unsupported challenge method {self.code_challenge_method}",
) )
if self.provider.client_type == ClientTypes.PUBLIC and not self.code_challenge:
LOGGER.warning("Public clients require PKCE", client_id=self.provider.client_id)
raise AuthorizeError(self.redirect_uri, "invalid_request", self.grant_type, self.state)
def create_code(self, request: HttpRequest) -> AuthorizationCode: def create_code(self, request: HttpRequest) -> AuthorizationCode:
"""Create an AuthorizationCode object for the request""" """Create an AuthorizationCode object for the request"""