When we did the implementation there was no S256 transformation defined or made MTI for the server. I'm pretty sure it was http://tools.ietf.org/html/ draft-sakimura-oauth-tcse-03
Thus, our server supports only the "no transformation" (as it was called then) or the "plain" code_challenge_method (as it's called now). It is compatible with the latest version of the draft for a client using the "plain" code_challenge_method (thank you to everyone for maintaining that). But wouldn't work for the "S256" code_challenge_method as it didn't exist at the time we implemented. On Tue, Feb 17, 2015 at 9:49 AM, Hannes Tschofenig < hannes.tschofe...@gmx.net> wrote: > Hi Brian, > > what is different between the version you guys implemented and the > version that is currently documented in the latest version of the draft? > > Ciao > Hannes > > > On 01/30/2015 06:50 PM, Brian Campbell wrote: > > > > On Tue, Jan 27, 2015 at 9:24 AM, Hannes Tschofenig > > <hannes.tschofe...@gmx.net <mailto:hannes.tschofe...@gmx.net>> wrote: > > > > > > 1) What implementations of the spec are you aware of? > > > > > > We have an AS side implementation of an earlier draft that was released > > in June of last year: > > > http://documentation.pingidentity.com/pages/viewpage.action?pageId=26706844 > >
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth