module Rack::OAuth2::Server::Extension::PKCE::TokenRequest

Public Class Methods

included(klass)
# File lib/rack/oauth2/server/extension/pkce.rb, line 19
# Mixin hook: Ruby calls this when the module is included into +klass+.
#
# Declares +code_verifier+ on the including class through that class's
# +attr_optional+ macro. The macro is defined outside this listing;
# +send+ reaches it even if it is private.
#
# @param klass [Class] the class that is including this module
def self.included(klass)
  optional_attribute = :code_verifier
  klass.send(:attr_optional, optional_attribute)
end
new(env)
Calls superclass method
# File lib/rack/oauth2/server/extension/pkce.rb, line 23
# Builds the request through the superclass constructor, then captures the
# PKCE +code_verifier+ request parameter on the instance.
#
# The value is stored exactly as +params+ returns it; no length or
# character-set validation happens here.
# NOTE(review): RFC 7636 limits code_verifier to 43-128 unreserved
# characters. Confirm whether that is enforced elsewhere before the value
# reaches verify_code_verifier!.
#
# @param env [Hash] Rack environment, forwarded unchanged to the superclass
def initialize(env)
  super(env)
  verifier_param = params['code_verifier']
  @code_verifier = verifier_param
end

Public Instance Methods

verify_code_verifier!(code_challenge, code_challenge_method = :S256)
# File lib/rack/oauth2/server/extension/pkce.rb, line 28
# Checks the request's +code_verifier+ against the +code_challenge+ that was
# recorded for the authorization code (PKCE, RFC 7636).
#
# Behaviour, as implemented below:
# * If both +code_verifier+ and +code_challenge+ are blank, nothing is
#   checked and nil is returned. A server that wants PKCE to be mandatory
#   must reject such requests itself before or after calling this.
# * +:S256+ compares the challenge with the URL-safe Base64 encoding of
#   SHA-256(code_verifier).
# * +:plain+ compares the challenge with the verifier directly, so the
#   challenge is itself the secret. Prefer +:S256+ where clients allow.
# * Any other method, including nil, is treated as a failure.
#
# NOTE(review): both comparisons use String#==, which is not constant-time.
# Consider a fixed-time comparison helper if one is available to this module.
#
# @param code_challenge [String, nil] challenge stored with the authorization code
# @param code_challenge_method [Symbol, String, nil] +:S256+ (default) or +:plain+
# @return [Object, nil] result of the comparison when it matches; nil when
#   verification was skipped
# @raise whatever +invalid_grant!+ raises (defined outside this listing;
#   presumably an invalid_grant error response)
def verify_code_verifier!(code_challenge, code_challenge_method = :S256)
  # PKCE is optional here: skip only when neither side supplied a value.
  return unless code_verifier.present? || code_challenge.present?

  verified =
    case code_challenge_method.try(:to_sym)
    when :S256
      digest = OpenSSL::Digest::SHA256.digest(code_verifier.to_s)
      code_challenge == Util.urlsafe_base64_encode(digest)
    when :plain
      code_challenge == code_verifier
    else
      # Unknown or missing method: fail closed.
      false
    end

  verified || invalid_grant!
end