pkce

问题 I cannot get IdentityServer4 PKCE authorization to work using Postman. Using online tools I create the necessary parts: Choose a random string: 1234567890 Get its SHA-256 hash: c775e7b757ede630cd0aa1113bd102661ab38829ca52a6422ab782862f268646 Base64 encode the hash to get the code challenge: Yzc3NWU3Yjc1N2VkZTYzMGNkMGFhMTExM2JkMTAyNjYxYWIzODgyOWNhNTJhNjQyMmFiNzgyODYyZjI2ODY0Ng== In the browser I navigate to the following URL, fill in my credentials and retrieve the code from the fragmented

问题 I cannot get IdentityServer4 PKCE authorization to work using Postman. Using online tools I create the necessary parts: Choose a random string: 1234567890 Get its SHA-256 hash: c775e7b757ede630cd0aa1113bd102661ab38829ca52a6422ab782862f268646 Base64 encode the hash to get the code challenge: Yzc3NWU3Yjc1N2VkZTYzMGNkMGFhMTExM2JkMTAyNjYxYWIzODgyOWNhNTJhNjQyMmFiNzgyODYyZjI2ODY0Ng== In the browser I navigate to the following URL, fill in my credentials and retrieve the code from the fragmented

问题 I have a pure Javascript app which attempts to get an access token from Azure using OAuth Authorization Flow with PKCE. The app is not hosted in Azure. I only use Azure as an OAuth Authorization Server. //Based on: https://developer.okta.com/blog/2019/05/01/is-the-oauth-implicit-flow-dead var config = { client_id: "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx", redirect_uri: "http://localhost:8080/", authorization_endpoint: "https://login.microsoftonline.com/{tenant-id}/oauth2/v2.0/authorize", token

问题 I have a pure Javascript app which attempts to get an access token from Azure using OAuth Authorization Flow with PKCE. The app is not hosted in Azure. I only use Azure as an OAuth Authorization Server. //Based on: https://developer.okta.com/blog/2019/05/01/is-the-oauth-implicit-flow-dead var config = { client_id: "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx", redirect_uri: "http://localhost:8080/", authorization_endpoint: "https://login.microsoftonline.com/{tenant-id}/oauth2/v2.0/authorize", token

问题 I tried to use the currently recommended Authorization Code Flow with PKCE to gather an access token from Active Directory. The client will be a public Angular SPA which is the reason for the chosen flow. Gathering the openid-configuration form AD as well as the Authorization Code for a user worked well. But I fail requesting the access token from the following endpoint: https://login.microsoftonline.com/{tenantId}/oauth2/token. I tried to reconstruct the request in Postman: POST /7e8c2868