OAuth 2.0: Authorization Code (With PKCE)
t
teheidoma
Hi there! I am happy to see OAuth 2.0 support on Apidog! However I have some questions if possible.. Is there any way to see the actual requests going to server? Like request history or some console.
Also I have a little suggestion, I recently faced the issue when my auth server accepts challenge method 'SHA-256' but the actual field require it as 'S256'. Idk if that common to send it like that, but RFC seems like to have it also
https://datatracker.ietf.org/doc/html/rfc7636#appendix-B
. I suggest some challange_method_format field or maybe as a additional option to an original one.
Thanks for you attention!
Evans
We fixed this issue in version 2.5.21, please upgrade and try it.
t
teheidoma
Evans Hello! I've updated to 2.5.24 and it seems like still sha256 to me :(
Evans
Thanks for the feedback. We used the wrong value, the correct value should be S256 not SHA-256. We will fix it in the new version.