MCPcopy Index your code
hub / github.com/coder/coder / VerifyPKCE

Function VerifyPKCE

coderd/oauth2provider/pkce.go:11–20  ·  view source on GitHub ↗

VerifyPKCE verifies that the code_verifier matches the code_challenge using the S256 method as specified in RFC 7636.

(challenge, verifier string)

Source from the content-addressed store, hash-verified

9// VerifyPKCE verifies that the code_verifier matches the code_challenge
10// using the S256 method as specified in RFC 7636.
11func VerifyPKCE(challenge, verifier string) bool {
12 if challenge == "" || verifier == "" {
13 return false
14 }
15
16 // S256: BASE64URL-ENCODE(SHA256(ASCII(code_verifier))) == code_challenge
17 h := sha256.Sum256([]byte(verifier))
18 computed := base64.RawURLEncoding.EncodeToString(h[:])
19 return subtle.ConstantTimeCompare([]byte(challenge), []byte(computed)) == 1
20}

Callers 3

TestVerifyPKCEFunction · 0.92
TestPKCES256GenerationFunction · 0.92
authorizationCodeGrantFunction · 0.85

Calls

no outgoing calls

Tested by 2

TestVerifyPKCEFunction · 0.74
TestPKCES256GenerationFunction · 0.74