I have run into a problem and I am looking for a solution; can you help me? I am making a Python application to test an OIDC connection with PKCE. I can authenticate myself and get a personal message like "Hello Name_user" thanks to the ID Token. Now my goal is to implement PKCE. The IDP is configured and my application too, but it doesn't work. I tried to troubleshoot by reading all the documentation on the Net, but found nothing.
My IDP is configured to use PKCE, and in my application I have written this in my login part:
"code_verifier = pkce.generate_code_verifier(length=128)
code_challenge = pkce.get_code_challenge(code_verifier)
nonce = 'generate_a_nonce_value_here'
session['nonce'] = nonce
session['code_verifier'] = code_verifier
redirect_uri = 'http://127.0.0.1:5000/auth'
session['redirect_uri'] = redirect_uri
authorize_params = {
    'nonce': nonce,
    'client_id': client_id,
    'redirect_uri': redirect_uri,
    'response_type': 'code',
    'scope': 'openid id',
    'code_challenge': code_challenge,"
and wrote this in my auth part:
"code = request.args.get('code')
code_verifier = session['code_verifier']
# Get the access token
token_response = requests.post(
    token_url,
    data={
        'code': code,
        'code_verifier': code_verifier,
        'grant_type': 'authorization_code',
        'redirect_uri': session['redirect_uri'],
        'client_id': 'client_id_of_my_idp',
        'client_secret': 'secret_key_of_my_idp',
        'scope': 'openid id id2 id3'
    },
    verify=False
)"
I generated my code_verifier randomly and I tried most of the tests I found on the internet. In the end, when I authenticate myself, I get my personal message, and in the IDP logs I don't have an error or anything else. The IDP just says "Generated token OK: code in authorization code flow" even though everything is set up for PKCE.
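
Added example, not part of the original post: a standard-library Python version of the RFC 7636 S256 derivation, an authorization request that sends `code_challenge_method=S256` explicitly, and a simulated IdP-side check showing how the token endpoint treats a challenge when that parameter is absent. The helper names (`make_verifier`, `s256_challenge`, `build_authorize_url`, `idp_verifies`), the `state` parameter and the `openid` scope value are assumptions for illustration, not the poster's or any IdP's code.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import urlencode


def make_verifier(n_bytes=96):
    """96 random bytes encode to 128 URL-safe characters (RFC 7636 allows 43-128)."""
    return base64.urlsafe_b64encode(secrets.token_bytes(n_bytes)).rstrip(b"=").decode()


def s256_challenge(verifier):
    """code_challenge = BASE64URL(SHA256(ASCII(code_verifier))), padding stripped."""
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode()


def build_authorize_url(endpoint, client_id, redirect_uri, challenge, nonce, state):
    """Authorization request that declares the challenge method explicitly."""
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": "openid",  # assumed scope for the example
        "nonce": nonce,
        "state": state,
        "code_challenge": challenge,
        "code_challenge_method": "S256",
    }
    return endpoint + "?" + urlencode(params)


def idp_verifies(stored_challenge, stored_method, presented_verifier):
    """Simulated token-endpoint check, following RFC 7636 section 4.6."""
    if not stored_challenge or not presented_verifier:
        return False  # PKCE is required: nothing to compare means reject
    method = stored_method or "plain"  # RFC default when the method is omitted
    if method == "S256":
        expected = s256_challenge(presented_verifier)
    elif method == "plain":
        expected = presented_verifier
    else:
        return False
    return hmac.compare_digest(expected, stored_challenge)
```

An IdP that enforces PKCE rejects a token request whose `code_verifier` is missing or deliberately wrong, so sending one is a quick negative test of the configuration.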