Proof Key for Code Exchange (PKCE) reference
The OAuth 2.0 PKCE (Proof Key for Code Exchange) extension (RFC 7636) is used by applications to prove possession of the authorization code when redeeming the authorization code to request an access token. This prevents interception of the authorization code by malicious applications or websites listening on the redirection endpoint.
PKCE is currently optional for confidential clients (with a client secret). This behavior is deprecated. To conform with OAuth 2.1 or later versions of the standard, and for enhanced security, all integrations should use PKCE.
PKCE is used by sending the following parameters in the authorization request:
The code_challenge_method
parameter must always be "S256"
. Plain text PKCE is not supported by FotoWeb.
The code_challenge
parameter must be as follows:
code_challenge = BASE64URL-ENCODE(SHA256(ASCII(code_verifier)))
i.e., the SHA256 hash of a code_verifier
string, encoded as URL-friendly Base64 (using the character '-' for '+' and '_' for '/'):
static string EncodeBase64URL(byte[] arg) { string s = Convert.ToBase64String(arg); // Regular base64 encoder s = s.Split('=')[0]; // Remove any trailing '='s s = s.Replace('+', '-'); // 62nd char of encoding s = s.Replace('/', '_'); // 63rd char of encoding return s; } // Compute the code_challenge parameter from the code_verifyer private static string MakeCodeChallenge(string codeVerifier) { using (var sha256 = new SHA256CryptoServiceProvider()) { return EncodeBase64URL(sha256.ComputeHash(System.Text.Encoding.UTF8.GetBytes(codeVerifier))); } }
The code_verifier
string MUST be a random string of minimum 43 characters and maximum 128 characters. Each character MUST be one of the following:
- an uppercase or lowercase character
- a digit
- the characters '-', '.', '_', '~'.
The code verifier SHOULD have enough entropy to make it impractical to guess the value. This can usually be achieved using a cryptographically-safe random generator, such as
RNGCryptoServiceProvider
in .NET.random.systemRandom
in Python./dev/urandom
on Linux
It is RECOMMENDED that the output of a suitable random number generator be used to create a 32-byte sequence. The octet sequence is then BASE64URL-encoded to produce a 43-byte URL safe string to use as the code verifier:
private static string MakeCodeVerifier(int numBytes = 32) { using (var rng = new RNGCryptoServiceProvider()) { byte[] bytes = new byte[numBytes]; rng.GetBytes(bytes); return EncodeBase64URL(bytes); } }