OAuth 2.0: Authorization Code (With PKCE)
t
teheidoma
Hi there! I am happy to see OAuth 2.0 support on Apidog! However I have some questions if possible.. Is there any way to see the actual requests going to server? Like request history or some console.
Also I have a little suggestion, I recently faced the issue when my auth server accepts challenge method 'SHA-256' but the actual field require it as 'S256'. Idk if that common to send it like that, but RFC seems like to have it also
https://datatracker.ietf.org/doc/html/rfc7636#appendix-B
. I suggest some challange_method_format field or maybe as a additional option to an original one.
Thanks for you attention!
Evans
We fixed this issue in version 2.5.21, please upgrade and try it.
t
teheidoma
Evans Hello! I've updated to 2.5.24 and it seems like still sha256 to me :(
Evans
Please switch between Plain and SHA-256 in the Code Challenge Method. This will clear the cache of the old version. Then try again.
Evans
Thanks for the feedback. We used the wrong value, the correct value should be S256 not SHA-256. We will fix it in the new version.