Diffstat (limited to 'vendor/code.superseriousbusiness.org/oauth2/v4/server')
-rw-r--r--vendor/code.superseriousbusiness.org/oauth2/v4/server/config.go25
-rw-r--r--vendor/code.superseriousbusiness.org/oauth2/v4/server/server.go6
2 files changed, 25 insertions, 6 deletions
diff --git a/vendor/code.superseriousbusiness.org/oauth2/v4/server/config.go b/vendor/code.superseriousbusiness.org/oauth2/v4/server/config.go
index 7894f4003..4e3b1a475 100644
--- a/vendor/code.superseriousbusiness.org/oauth2/v4/server/config.go
+++ b/vendor/code.superseriousbusiness.org/oauth2/v4/server/config.go
@@ -9,12 +9,27 @@ import (
// Config configuration parameters
type Config struct {
- TokenType string // token type
- AllowGetAccessRequest bool // to allow GET requests for the token
- AllowedResponseTypes []oauth2.ResponseType // allow the authorization type
- AllowedGrantTypes []oauth2.GrantType // allow the grant type
+ // token type
+ TokenType string
+
+ // to allow GET requests for the token
+ AllowGetAccessRequest bool
+
+ // allow the authorization type
+ AllowedResponseTypes []oauth2.ResponseType
+
+ // allow the grant type
+ AllowedGrantTypes []oauth2.GrantType
+
+ // Allowed values for "code_challenge_method".
AllowedCodeChallengeMethods []oauth2.CodeChallengeMethod
- ForcePKCE bool
+
+ // Default to fall back to
+ // if "code_challenge_method"
+ // was not set in the request.
+ DefaultCodeChallengeMethod oauth2.CodeChallengeMethod
+
+ ForcePKCE bool
}
// NewConfig create to configuration instance
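Review bot: The comment on `DefaultCodeChallengeMethod` does not say what happens when the field is left at its zero value, and `ForcePKCE` has no comment at all. The server.go hunk of this commit shows the empty value falling back to `oauth2.CodeChallengePlain`, and the resolved method is then passed to `CheckCodeChallengeMethod`, so the field comment should read something like `// Empty means "plain" (the RFC 7636 default); the value must also appear in AllowedCodeChallengeMethods.` A one-line comment on `ForcePKCE` stating whether it rejects requests that carry no `code_challenge` would close the gap; its semantics are not visible in this hunk.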
diff --git a/vendor/code.superseriousbusiness.org/oauth2/v4/server/server.go b/vendor/code.superseriousbusiness.org/oauth2/v4/server/server.go
index 82f6ff8c3..91b9effb7 100644
--- a/vendor/code.superseriousbusiness.org/oauth2/v4/server/server.go
+++ b/vendor/code.superseriousbusiness.org/oauth2/v4/server/server.go
@@ -1,6 +1,7 @@
package server
import (
+ "cmp"
"context"
"encoding/json"
"fmt"
@@ -176,7 +177,10 @@ func (s *Server) ValidationAuthorizeRequest(r *http.Request) (*AuthorizeRequest,
ccm := oauth2.CodeChallengeMethod(r.FormValue("code_challenge_method"))
// set default
if ccm == "" {
- ccm = oauth2.CodeChallengePlain
+ ccm = cmp.Or(
+ s.Config.DefaultCodeChallengeMethod,
+ oauth2.CodeChallengePlain,
+ )
}
if ccm.String() != "" && !s.CheckCodeChallengeMethod(ccm) {
return nil, errors.ErrUnsupportedCodeChallengeMethod
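Review bot: A configured `s.Config.DefaultCodeChallengeMethod` is only validated per request, by the `s.CheckCodeChallengeMethod(ccm)` call below the new `cmp.Or`. If an operator sets a default that is not in `AllowedCodeChallengeMethods`, every authorize request that omits `code_challenge_method` fails with `ErrUnsupportedCodeChallengeMethod`, so a server misconfiguration is reported as a client error. Checking the default against the allowed list once, when the config is applied, would surface it at startup instead. With the field unset the fallback is still `oauth2.CodeChallengePlain`, so a deployment that wants S256 only has to set both the default and the allowed list; a comment at the `cmp.Or` call such as `// falls back to "plain" per RFC 7636 when no default is configured` would make that explicit. The body of `ValidationAuthorizeRequest` continues outside the hunk, and since the file is vendored the change belongs in the upstream library.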