I'm having issues setting up a custom oidc auth provider in Gitea using the goth openidConnect provider. The auth requests are denied because my provider mandates the use of PKCE.
This could be configured at the provider level according to #473 I think, but ideally the feature should be picked up from the discovery document: the presence of a non-empty code_challenge_methods_supported in the json response signals that PKCE is available, and lists the supported challenge methods. If the provider and the RP are spec-compliant, it should "just work" without additional config.
I'm having issues setting up a custom oidc auth provider in Gitea using the goth openidConnect provider. The auth requests are denied because my provider mandates the use of PKCE.
This could be configured at the provider level according to #473 I think, but ideally the feature should be picked up from the discovery document: the presence of a non-empty
code_challenge_methods_supportedin the json response signals that PKCE is available, and lists the supported challenge methods. If the provider and the RP are spec-compliant, it should "just work" without additional config.