public string CreatePkceCodeChallenge(OAuth2PkceChallengeMethod challengeMethod, string codeVerifier) { switch (challengeMethod) { case OAuth2PkceChallengeMethod.Plain: return(codeVerifier); case OAuth2PkceChallengeMethod.Sha256: // The "S256" code challenge is computed as follows, per RFC 7636: // // code_challenge = BASE64URL-ENCODE(SHA256(ASCII(code_verifier))) // using (var sha256 = SHA256.Create()) { return(Base64UrlConvert.Encode( sha256.ComputeHash( Encoding.ASCII.GetBytes(codeVerifier) ), PkceIncludeBase64UrlPadding )); } default: throw new ArgumentOutOfRangeException(nameof(challengeMethod), challengeMethod, "Unknown PKCE code challenge method."); } }
public AuthCodeGrant(string code, string[] scopes, string redirectUri = null, string codeChallenge = null, OAuth2PkceChallengeMethod codeChallengeMethod = OAuth2PkceChallengeMethod.Plain) { Code = code; Scopes = scopes; RedirectUri = redirectUri; CodeChallenge = codeChallenge; CodeChallengeMethod = codeChallengeMethod; }
public AuthCodeGrant CreateAuthorizationCodeGrant(TestOAuth2ServerTokenGenerator generator, string[] scopes, string redirectUri, string codeChallenge, OAuth2PkceChallengeMethod codeChallengeMethod) { string code = generator.CreateAuthorizationCode(); var grant = new AuthCodeGrant(code, scopes, redirectUri, codeChallenge, codeChallengeMethod); AuthGrants.Add(grant); return(grant); }