Skip to content

Commit 99b3346

Browse files
jankapunktjankapunkt
committed
docs: fix pkce code rendering
1 parent dc60b22 commit 99b3346

File tree

1 file changed

+4
-9
lines changed

1 file changed

+4
-9
lines changed

docs/misc/pkce.rst

Lines changed: 4 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -38,15 +38,13 @@ See :rfc:`Section 1 of RFC 7636 <7636#section-1.1>`.
3838

3939
.. _PKCE#authorizationRequest:
4040

41-
| A. The client creates and records a secret named the "code_verifier"
42-
| and derives a transformed version "t(code_verifier)" (referred to as the "code_challenge"),
43-
| which is sent in the OAuth 2.0 Authorization Request along with the transformation method "t_m".
41+
.. A:: The client creates and records a secret named the "code_verifier" and derives a transformed version "t(code_verifier)" (referred to as the "code_challenge"), which is sent in the OAuth 2.0 Authorization Request along with the transformation method "t_m".
4442
4543
The following shows an example of how a client could generate a `code_challenge`` and
4644
``code_challenge_method`` for the authorizazion request.
4745

4846
::
49-
// helper fn for base64 encoding
47+
5048
const base64URLEncode = str => str.toString('base64')
5149
.replace(/\+/g, '-')
5250
.replace(/\//g, '_')
@@ -97,8 +95,7 @@ If your Request body contains code_challenge and code_challenge_method then PKCE
9795

9896
.. _PKCE#authorizationResponse:
9997

100-
| B. The Authorization Endpoint responds as usual but records
101-
| "t(code_verifier)" and the transformation method.
98+
.. B:: The Authorization Endpoint responds as usual but records "t(code_verifier)" and the transformation method.
10299
103100
The ``AuthorizeHandler.handle`` saves code challenge and code challenge method automatically via ``model.saveAuthorizationCode``.
104101
Note that this calls your model with additional arguments ``codeChallenge`` and ``codeChallengeMethod``.
@@ -109,9 +106,7 @@ Note that this calls your model with additional arguments ``codeChallenge`` and
109106

110107
.. _PKCE#accessTokenRequest:
111108

112-
| C. The client then sends the authorization code in the Access Token
113-
| Request as usual but includes the "code_verifier" secret generated
114-
| at (A).
109+
.. C:: The client then sends the authorization code in the Access Token Request as usual but includes the "code_verifier" secret generated at (A).
115110
116111
This is usually done in your token endpoint, that uses ``OAuth2Server.token``.
117112
Note that your client should have kept ``code_verifier`` a secret until this step and now includes it as param for the token endpoint call.

0 commit comments

Comments
 (0)