initial working version
This commit is contained in:
parent
db6b90134d
commit
d986a0b31a
19 changed files with 1430 additions and 0 deletions
25
internal/pkce/pkce.go
Normal file
25
internal/pkce/pkce.go
Normal file
|
|
@ -0,0 +1,25 @@
|
|||
package pkce
|
||||
|
||||
import (
|
||||
"crypto/rand"
|
||||
"crypto/sha256"
|
||||
"encoding/base64"
|
||||
)
|
||||
|
||||
const verifierLength = 43
|
||||
|
||||
// Generate creates a PKCE code verifier and its S256 challenge.
|
||||
func Generate() (verifier, challenge string, err error) {
|
||||
// Generate random bytes and encode to URL-safe base64 (no padding)
|
||||
buf := make([]byte, 32)
|
||||
if _, err := rand.Read(buf); err != nil {
|
||||
return "", "", err
|
||||
}
|
||||
verifier = base64.RawURLEncoding.EncodeToString(buf)
|
||||
|
||||
// Derive challenge: base64url(sha256(verifier))
|
||||
h := sha256.Sum256([]byte(verifier))
|
||||
challenge = base64.RawURLEncoding.EncodeToString(h[:])
|
||||
|
||||
return verifier, challenge, nil
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue