The frontend sends the code_verifier in the callback request, but the backend was not forwarding it to the OIDC provider's token endpoint. This caused Dex (and any PKCE-aware provider) to reject the token exchange with "Expecting parameter code_verifier in PKCE flow." |
||
|---|---|---|
| .. | ||
| ldap | ||
| oauth2server | ||
| openid | ||
| auth.go | ||