From 1482ba24bf87cbbad8384242fe9944c4e9568d68 Mon Sep 17 00:00:00 2001 From: Hugh Nimmo-Smith Date: Fri, 29 Jul 2022 09:44:24 +0100 Subject: [PATCH] Use valid length of code_verifier --- src/matrix/net/OidcApi.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/matrix/net/OidcApi.ts b/src/matrix/net/OidcApi.ts index bdc9352a..103aae82 100644 --- a/src/matrix/net/OidcApi.ts +++ b/src/matrix/net/OidcApi.ts @@ -242,7 +242,7 @@ export class OidcApi { redirectUri, state: randomString(8), nonce: randomString(8), - codeVerifier: randomString(32), + codeVerifier: randomString(64), // https://tools.ietf.org/html/rfc7636#section-4.1 length needs to be 43-128 characters }; }