url_for_oauth2_pkce and exchange_code_for_token with code_verifier is producing code verifier challenge failed
Closed this issue · 2 comments
url_for_oauth2_pkce
and exchange_code_for_token
with code_verifier
is producing Code verifier challenge failed
I'm storing the plain secret
from url_for_oauth2_pkce
for later use.
Also I'm not sure if the function https://github.com/nylas/nylas-python/blob/v6.0.0-beta/nylas/resources/auth.py#L24-L26
is correct.
def _hash_pkce_secret(secret: str) -> str:
sha256_hash = hashlib.sha256(secret.encode()).digest()
return base64.b64encode(sha256_hash).decode()
I test it with nylas
from the documentation https://developer.nylas.com/docs/developer-guide/v3-authentication/hosted-oauth-accesstoken/#constructing-a-code-challenge and got a different output.
I was expecting ZTk2YmY2Njg2YTNjMzUxMGU5ZTkyN2RiNzA2OWNiMWNiYTliOTliMDIyZjQ5NDgzYTZjZTMyNzA4MDllNjhhMg
This function
def _hash_pkce_secret(secret: str) -> str:
sha256_hash = hashlib.sha256(secret.encode()).hexdigest()
return base64.b64encode(sha256_hash.encode()).decode().rstrip("=")
does produce ZTk2YmY2Njg2YTNjMzUxMGU5ZTkyN2RiNzA2OWNiMWNiYTliOTliMDIyZjQ5NDgzYTZjZTMyNzA4MDllNjhhMg
for now I'm using it without pkce
Thanks for pointing this out @wobeng, will add this fix for the next beta version.
This fix is now released in v6 beta 8: https://pypi.org/project/nylas/6.0.0b8/