PKCE Support
jessedoyle opened this issue · 1 comments
jessedoyle commented
The IETF now recommends the use of PKCE (Proof Key for Code Exchange) to protect OAuth2 code authorization grants.
Would you consider adding support for optional PKCE in omniauth-oauth2? I've implemented it manually a number of times now and would be happy to submit a PR.
Relevant RFC: https://tools.ietf.org/html/rfc7636
Thanks!
jessedoyle commented
PR submitted: #131