-
-
Notifications
You must be signed in to change notification settings - Fork 89
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement PKCE for OAuth2 #227
Labels
enhancement
New feature or request
Comments
17 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi!
OpenGist currently doesn't support PKCE for OAuth2, the lack of which is not super secure. I have gone looking at the underlying library and it does support it since markbates/goth@7593a57 which this project has, but implementing it is nonobvious, but here are some relevant issues/prs:
markbates/goth#516
go-gitea/gitea#21426
Additionally, here is some code, but it seems to be based on an older version of the goth code prior to direct pkce support: https://github.com/mozilla/protodash/blob/cdfb39b44c1bd8fe9d256c97d892b9fd37c88103/pkce/session.go#L43
The text was updated successfully, but these errors were encountered: