Notification texts go here Contact Us Buy Now!

Unable to generate authorization code via PKCE flow for SPA

Unable to generate authorization code via PKCE flow for SPA

This error "Invalid size of Code_Challenge parameter." usually occurs if the code_challenge is invalid. Make sure to generate a valid code_ challenge.

To generate code_challenge, you can make use of this tool like below:

enter image description here I tried in my environment and got the code value successfully including the above the code challenge value: enter image description here

Make sure to include origin header like below:

enter image description here

After including all the required parameters, I was able to generate access token successfully via PKCE flow from Postman like below:

enter image description here

Another Solution:

Just strip your hash to 43 characters. Then your fine. For example:

$this->code_challenge = hash("sha256", random_bytes("96"));
$code_challenge = substr($this->code_challenge, 0, 43)

Another Solution:

You seem to be using S256 (SHA256) as the code challenge method (hashing algorithm to hash code verifier). So ensure that the length of the base 64 encoded code_challenge value is 43 characters. If there is a trailing '=', strip this off (this is the padding) before setting the code_challenge query string parameter value.

Another Solution:

This PS code works for me.

# Set the length of the code verifier
        $codeVerifierLength = 64
        # Set the code verifier and code challenge
        $codeVerifier = -join ((48..57) + (65..90) + (97..122) | Get-Random -Count $codeVerifierLength | ForEach-Object {[char]$_})
        $codeChallenge = [System.Convert]::ToBase64String([System.Security.Cryptography.SHA256]::Create().ComputeHash([System.Text.Encoding]::UTF8.GetBytes($codeVerifier)))
        $codeChallenge = $codeChallenge -replace "\+","-" -replace "/","_" -replace "=",""
        # Output the code verifier
        Write-Output "Code Verifier : $codeVerifier"
        # Output the code challenge
        Write-Output "Code Challenge: $codeChallenge"

# Set the request parameters
    $params = @{
        client_id = $clientId
        redirect_uri = $redirectUri
        response_type = "code"
        response_mode = "query"
        resource = $resource
        scope = $scope
        code_challenge = $codeChallenge
        code_challenge_method = "S256"
    }
    # Build the authorization URL
    $authUrl = $authEndpoint + "?" + $(($params.GetEnumerator() | ForEach-Object { "$($_.Name)=$($_.Value)" }) -join "&").tostring()

Post a Comment

Cookie Consent
We serve cookies on this site to analyze traffic, remember your preferences, and optimize your experience.
Oops!
It seems there is something wrong with your internet connection. Please connect to the internet and start browsing again.
AdBlock Detected!
We have detected that you are using adblocking plugin in your browser.
The revenue we earn by the advertisements is used to manage this website, we request you to whitelist our website in your adblocking plugin.
Site is Blocked
Sorry! This site is not available in your country.