How to make aspnetcore.authentication.openidconnect make use of PKCE?

Question

For communication with a given Endpoint (german DATEV), our code is required to make use of PKCE (https://www.rfc-editor.org/rfc/rfc7636).

It's possible to hook into OpenIdConnectEvents.OnRedirectToIdentityProvider and compute and put 'code_challenge' and 'code_challenge_method' data into the given ProtocolMessage.Parameters for transfer into the authorization-query.

Is that the only way to enable PKCE with OpenIdConnect?

Thanks for any hints!

score 0 · Answer 1 · edited Mar 10 '20 at 13:09

0

PKCE is a Native (Desktop or Mobile) Apps solution and it feels like you might not be using the right library for the job.

Could you provide a bit more info about your scenario - such as what type of app you are building - I'll then be happy to point you to a certified library along with some sample code.

edited Mar 10 '20 at 13:09

halfer

19,824
17
99
186

answered Jan 22 '19 at 20:56

Gary Archer

22,534
2
12
24

How to make aspnetcore.authentication.openidconnect make use of PKCE?

1 Answers1