studio/people
Archived
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🐛(oauth2) disable PKCE for Proconnect

Browse Source 
The PKCE is not available for Proconnect, security is made otherwise.
This commit is contained in:
Quentin BEY
2025-03-13 10:03:08 +01:00
committed by BEY Quentin
parent 59633d6543
commit 5cc8108e7b
1 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/backend/mailbox_oauth2/validators.py
View File

@@ -178,3 +178,17 @@ class ProConnectValidator(BaseValidator):
# Call the superclass method to create the authorization code # Call the superclass method to create the authorization code
return super()._create_authorization_code(request, code, expires) return super()._create_authorization_code(request, code, expires)
def is_pkce_required(self, client_id, request):
"""
Determine if PKCE is required for the given client.
For ProConnect, PKCE is disabled.
Args:
client_id: The client identifier.
request: The OAuth2 request object containing user and scope information.
Returns:
bool: True if PKCE is required, False otherwise.
"""
return False