challenger

OAuth 2.0-based authentication service that validates user can receive messages at a certain address
Log | Files | Refs | Submodules | README | LICENSE

commit 158b559c6f46f8bc693bd6a95b0cd3d2bbc48afa
parent 0804fe640b1b28c5f4b71c296fa838af0a697eff
Author: Christian Grothoff <christian@grothoff.org>
Date:   Mon,  6 Jul 2026 10:41:34 +0200

require code_challenge also for CM_S256

Diffstat:
Msrc/challenger/challenger-httpd_authorize.c | 6+++---
1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/challenger/challenger-httpd_authorize.c b/src/challenger/challenger-httpd_authorize.c @@ -176,10 +176,10 @@ CH_handler_authorize (struct CH_HandlerContext *hc, MHD_GET_ARGUMENT_KIND, "code_challenge"); if ( (NULL == code_challenge) && - (CHALLENGER_CM_PLAIN == code_challenge_method_enum) ) + (CHALLENGER_CM_EMPTY != code_challenge_method_enum) ) { - /* Client specified code challenge method but then did not give - the code_challenge. Reject bad request. */ + /* Client specified code challenge method (plain or S256) but then did + not give the code_challenge. Reject bad request. */ GNUNET_break_op (0); return reply_error ( hc,