Use valid length of code_verifier

This commit is contained in:
Hugh Nimmo-Smith 2022-07-29 09:44:24 +01:00 committed by Quentin Gliech
parent 4fcbd3bf20
commit 1482ba24bf
No known key found for this signature in database
GPG Key ID: 22D62B84552719FC

View File

@ -242,7 +242,7 @@ export class OidcApi {
redirectUri,
state: randomString(8),
nonce: randomString(8),
codeVerifier: randomString(32),
codeVerifier: randomString(64), // https://tools.ietf.org/html/rfc7636#section-4.1 length needs to be 43-128 characters
};
}