providers/oauth2: revert PKCE requirement for public clients

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Jens Langhammer 2023-02-21 23:51:27 +01:00
parent 175502b053
commit cfa2edebcf

@ -260,9 +260,6 @@ class OAuthAuthorizationParams:
self.state,
f"Unsupported challenge method {self.code_challenge_method}",
)
if self.provider.client_type == ClientTypes.PUBLIC and not self.code_challenge:
LOGGER.warning("Public clients require PKCE", client_id=self.provider.client_id)
raise AuthorizeError(self.redirect_uri, "invalid_request", self.grant_type, self.state)
def create_code(self, request: HttpRequest) -> AuthorizationCode:
"""Create an AuthorizationCode object for the request"""
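Review bot: With the `ClientTypes.PUBLIC and not self.code_challenge` branch gone, the code after the challenge-method validation now accepts a public client that sends no `code_challenge` at all, and nothing left in the hunk logs this or marks it as deliberate. A public client has no client secret, so PKCE is the only thing binding the authorization code to the application that requested it. If the revert is for compatibility with clients that cannot send a challenge, I would keep the signal without the rejection, e.g. `LOGGER.warning("Public client did not send a PKCE challenge", client_id=self.provider.client_id)`. I would also add a comment such as `# PKCE is optional for public clients for compatibility; code redemption must still verify code_verifier whenever a challenge was stored`. The enclosing method starts above the hunk and the redemption path is not shown, so whether the verifier is enforced there should be confirmed separately.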