Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-7428

Support for OAuth 2.0 PKCE in RHBK integrations for Quay

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • None
    • Quay
    • None
    • None
    • Product / Portfolio Work
    • None
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      1. Proposed title of this feature request

      Support for OAuth 2.0 PKCE (Proof Key for Code Exchange) in Red Hat Build of Keycloak (RHBK) integrations for Quay

      2. What is the nature and description of the request?

      This RFE requests the enablement and full support for OAuth 2.0 PKCE (Proof Key for Code Exchange) in Red Hat Build of Keycloak (RHBK), specifically for use in authentication flows involving:

      • Red Hat Quay

      3. Why does the customer need this? (List the business requirements here)

      Security Compliance

      4. List any affected packages or components.

      • Red Hat Quay (when used with OIDC-based login via RHBK)

      More info : 

       

      https://github.com/quay/quay/blob/2844bddbdaa5500e626f3e00e2409d2eb81bb0a5/oauth/base.py#L144

       

      params = { "client_id": self.client_id(), "redirect_uri": redirect_uri, "scope": " ".join(scopes), "state": quote(csrf_token), "code_challenge": code_challenge, # < missing "code_challenge_method": "S256", # < missing }

              rhn-coreos-tunwu Tony Wu
              rhn-support-snangare Sameer Nangare
              None
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                None
                None