mirror of
https://github.com/elyby/oauth2-server.git
synced 2024-12-22 13:09:44 +05:30
1b692e2298
According to [RFC7636#section-4.3](https://tools.ietf.org/html/rfc7636#section-4.3): If the "code_challenge_method" from Section 4.3 was "S256", the received "code_verifier" is hashed by SHA-256, base64url-encoded, and then compared to the "code_challenge", i.e.: BASE64URL-ENCODE(SHA256(ASCII(code_verifier))) == code_challenge So, the hash must be done before the base64_encode. The tests are modified to use example data from the [RFC7636#appendix-B](https://tools.ietf.org/html/rfc7636#appendix-B). |
||
---|---|---|
.. | ||
AbstractGrantTest.php | ||
AuthCodeGrantTest.php | ||
ClientCredentialsGrantTest.php | ||
ImplicitGrantTest.php | ||
PasswordGrantTest.php | ||
RefreshTokenGrantTest.php |