Merge pull request #842 from sgomez/fix-challenge-pkce

Fix S256 code challenge method
2025-05-31 14:12:07 +05:30 · 2018-01-25 23:16:15 +00:00
parent eb9cde5ab7 1b692e2298
commit 8bbd218856
2 changed files with 7 additions and 3 deletions
--- a/src/Grant/AuthCodeGrant.php
+++ b/src/Grant/AuthCodeGrant.php
@@ -144,7 +144,7 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
                case 'S256':
                    if (
                        hash_equals(
-                            hash('sha256', strtr(rtrim(base64_encode($codeVerifier), '='), '+/', '-_')),
+                            strtr(rtrim(base64_encode(hash('sha256', $codeVerifier, true)), '='), '+/', '-_'),
                            $authCodePayload->code_challenge
                        ) === false
                    ) {