PKCE with OIDC Connector #2253
Unanswered
titlisgupta
asked this question in
Q&A
Replies: 3 comments 1 reply
-
A few years late, but I have raised a PR for this feature here: #3188
-
Can not believe this is not doable.
-
I've tested the PR #3188 and it works as expected.
-
I am trying to use the Authorization Code flow with PKCE in Dex, with the OIDC connector. I have created a public client in Dex and my OIDC provider (Keycloak) is configured to use PKCE, but my authentication is failing with the error: Failed to authenticate: invalid_request: Missing parameter: code_challenge_method
The client application is sending the code_challenge_method correctly; it even works if I connect it directly to Keycloak.
http://172.24.128.115:32764/auth/testUI?client_id=testUI&code_challenge=kN7BfqrX9AkKfqUQIdXuffOnTlWY3lsgRm_90IVZeg4&code_challenge_method=S256&redirect_uri=http%3A%2F%2Flocalhost%3A15000%2Fcode-identityserver-sample.html&response_mode=query&response_type=code&scope=openid+profile&state=52b27ac792b84d83bcc0909312aecd43
However, Dex is not adding the code_challenge_method while forwarding the request to Keycloak.
GET /auth/realms/master/protocol/openid-connect/auth?client_id=testUI&redirect_uri=http%3A%2F%2F172.24.128.115%3A32764%2Fcallback&response_type=code&scope=openid+profile+email+openid&state=c2j5scpzyjzgmbjoiypktn2du
I would like to understand if there is any more configuration we need to do to enable PKCE in Dex. My configuration is as follows:
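A diagnostic for the situation described in the question, as an added example that is not part of the original post or of Dex: it parses the two authorization requests quoted above and lists the PKCE (RFC 7636) problems on each leg. The helper names `s256_challenge` and `audit_leg` are hypothetical; the two URLs are copied from the question.

```python
import base64
import hashlib
import re
from urllib.parse import parse_qs, urlsplit

# RFC 7636: an S256 challenge is unpadded base64url of a SHA-256 digest (43 chars).
S256_CHALLENGE = re.compile(r"^[A-Za-z0-9_-]{43}$")


def s256_challenge(verifier: str) -> str:
    """code_challenge = BASE64URL(SHA256(ASCII(code_verifier))), no padding."""
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def audit_leg(auth_url: str, verifier: str = None) -> list:
    """Return the PKCE problems found in one authorization request URL."""
    query = parse_qs(urlsplit(auth_url).query)
    challenge = query.get("code_challenge", [None])[0]
    method = query.get("code_challenge_method", [None])[0]
    problems = []
    if challenge is None:
        problems.append("missing code_challenge")
    elif method == "S256" and not S256_CHALLENGE.match(challenge):
        problems.append("code_challenge is not a valid S256 value")
    elif verifier is not None and challenge != s256_challenge(verifier):
        problems.append("code_challenge does not match code_verifier")
    if method is None:
        problems.append("missing code_challenge_method")
    elif method != "S256":
        problems.append(f"code_challenge_method is {method!r}, not S256")
    return problems


# The two requests quoted in the question: client -> Dex, then Dex -> Keycloak.
CLIENT_TO_DEX = ("http://172.24.128.115:32764/auth/testUI?client_id=testUI"
    "&code_challenge=kN7BfqrX9AkKfqUQIdXuffOnTlWY3lsgRm_90IVZeg4"
    "&code_challenge_method=S256&redirect_uri=http%3A%2F%2Flocalhost%3A15000"
    "%2Fcode-identityserver-sample.html&response_mode=query&response_type=code"
    "&scope=openid+profile&state=52b27ac792b84d83bcc0909312aecd43")
DEX_TO_KEYCLOAK = ("/auth/realms/master/protocol/openid-connect/auth"
    "?client_id=testUI&redirect_uri=http%3A%2F%2F172.24.128.115%3A32764%2Fcallback"
    "&response_type=code&scope=openid+profile+email+openid"
    "&state=c2j5scpzyjzgmbjoiypktn2du")

if __name__ == "__main__":
    for name, url in (("client -> Dex", CLIENT_TO_DEX), ("Dex -> Keycloak", DEX_TO_KEYCLOAK)):
        print(name, audit_leg(url) or "PKCE parameters present")
```

Running the same check against a connector build that supports PKCE gives a quick confirmation that the upstream request now carries both parameters.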