Skip to content
/ verifier-and-challenge Public

An npm package for generating RFC 7636 verifier and challenge values

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

lonnelars/verifier-and-challenge

BranchesTags

Repository files navigation

verifier-and-challenge

An npm package for generating verifier and challenge values as described in RFC 7636.

This package exports a single function called generateVerifierAndChallenge, which generates a Promise which resolves with an object with two keys. One is called verifier, and is a 43-character random string, consisting of URL-safe characters. The other is called challenge, and is the SHA-256 hash of the verifier.

These values can be used as a "Proof key for code exchange for OAuth public clients", as described in https://tools.ietf.org/html/rfc7636.

Compatibility

The code should work in IE 11 and modern browsers, assuming that window.Promise is defined. For IE 11, that means you will have to use a polyfill. https://github.com/stefanpenner/es6-promise is one alternative.

Examples

Use with require

const {
  generateVerifierAndChallenge
} = require("@larlon/verifier-and-challenge");
generateVerifierAndChallenge()
  .then(values => {
    storeIn(sessionStorage, values.verifier);
    return values;
  })
  .then(values => {
    authenticate(values.challenge);
  });

Use with import

import { generateVerifierAndChallenge } from "@larlon/verifier-and-challenge";

generateVerifierAndChallenge()
  .then(values => {
    storeIn(sessionStorage, values.verifier);
    return values;
  })
  .then(values => {
    authenticate(values.challenge);
  });

About

An npm package for generating RFC 7636 verifier and challenge values

Topics

pkce rfc-7636

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

4 tags

Packages

No packages published

Contributors 2

  •  
  •  

Languages