Skip to content

Fix: generatePKCECodeVerifier length #199

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ADmad merged 3 commits into from
Aug 28, 2025
Merged

Fix: generatePKCECodeVerifier length #199

ADmad merged 3 commits into from
Aug 28, 2025

Conversation

@harphield
Copy link

@harphield harphield commented Aug 27, 2025

Type: bug fix | new feature | code quality | documentation

Link to issue: #198

In raising this pull request, I confirm the following (please check boxes):

  • I have read and understood the Contributing Guidelines.
  • I have checked that another pull request for this purpose does not exist.
  • I wrote some tests for this PR.

Small description of change:

  • Fixes generatePKCECodeVerifier() to never generate strings < 43 or > 128 in length
  • adds pkceCodeVerifierLength to customize the code_verifier length

Thanks 😺

Matej Labas added 2 commits August 27, 2025 14:32
- Fixes generatePKCECodeVerifier() to never generate strings < 43 or …
a29858c 
…> 128 in length

- adds pkceCodeVerifierLength to customize the code_verifier length
Space
a34c276
ADmad
ADmad reviewed Aug 27, 2025
View reviewed changes
src/OAuth2/AbstractProvider.php Outdated

protected bool $pkce = false;

protected int $pkceCodeVerifierLength = 96;
Copy link
Contributor

@ADmad ADmad Aug 27, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we rename this to pkceCodeVerifierByteLength to be more clear about what length it indicates?

Copy link
Author

@harphield harphield Aug 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, that will make it more understandable. I also renamed it in the generatePKCECodeVerifier method.

@ADmad ADmad merged commit 3a5ccbe into SocialConnect:master Aug 28, 2025
8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ADmad ADmad ADmad left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@harphield @ADmad