From 2a9927dfdcca5df6d021ae84bc232e94a4f65f48 Mon Sep 17 00:00:00 2001
From: Daenney <daenney@users.noreply.github.com>
Date: Thu, 28 Sep 2023 11:21:19 +0200
Subject: [PATCH] [chore] Enable S256 code challenge (#2224)

For some reason we only had plain enabled. This adds S256.
---
 internal/oauth/server.go | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/internal/oauth/server.go b/internal/oauth/server.go
index e4376d864..97e6812c5 100644
--- a/internal/oauth/server.go
+++ b/internal/oauth/server.go
@@ -99,7 +99,10 @@ func New(ctx context.Context, database db.Basic) Server {
 			oauth2.AuthorizationCode,
 			oauth2.ClientCredentials,
 		},
-		AllowedCodeChallengeMethods: []oauth2.CodeChallengeMethod{oauth2.CodeChallengePlain},
+		AllowedCodeChallengeMethods: []oauth2.CodeChallengeMethod{
+			oauth2.CodeChallengePlain,
+			oauth2.CodeChallengeS256,
+		},
 	}
 
 	srv := server.NewServer(sc, manager)