Skip to main content

Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

    •  
      request #14800 Opportunistic PKCE support of OIDC provider
    Actions
    Infos
    #14800
    Thomas Gerbet (tgerbet)
    2020-04-22 12:31
    2020-04-20 12:41
    16072
    Details
    Opportunistic PKCE support of OIDC provider
    While PKCE is not part of the OIDC spec (a similar protection is added by the state parameter), it becomes more frequent to have authorization servers that support it or even enforce its usage (it makes sense for an authorization server that also support standard OAuth2 clients).
    Since adding PKCE is additive we could add it, authorization servers supporting it while do the verification others will do nothing.



    https://tools.ietf.org/html/rfc7636
    Authentication & LDAP
    All
    Empty
    • [ ] enhancement
    • [ ] internal improvement
    Empty
    Stage
    Thomas Gerbet (tgerbet)
    Closed
    2020-04-21
    Attachments
    Artifact links

    Releases

    Fixed in

    Artifact ID Project Tracker Summary Status Last Update Date Submitted By Assigned to
    rel #14681 Tuleap Releases 11.14 Delivered 2020-05-03 19:57 Manuel Vacelet (vaceletm)
    Empty
    References
    Referencing request #14800

    Git commit

    tuleap/tuleap/stable

    Merge commit 'refs/changes/56/18756/4' of ssh://gerrit.tuleap.net:29418/tuleap into HEAD 8d10ca8505
    User avatar Joris MASSON (jmasson) , 2020-04-21 17:41
    request #14800: Add support of the PKCE [0] to the OIDC client plugin caf6b3434e
    User avatar Thomas Gerbet (tgerbet) , 2020-04-21 15:22
    Generated PKCE code verifier is too small a9ef3d1fa9
    User avatar Thomas Gerbet (tgerbet) , 2020-04-22 11:57
    Referenced by request #14800

    Artifact Tracker v5

    rel #14681 11.14

    Other

    gerrit #18756
    gerrit #18807
    Display settings

    Follow-ups