Create PKCE verifier according to RFC 7636

[decius7bc]

No description provided.

[maennchen]

Thanks for your PR @decius7bc ❤️

I’m not sure that I understand your change. The new codes reduces the amount of random
bytes, and then both base 32 and base 64 encodes it.

The current solution uses 96 bytes of entropy and creates a 128 bytes base 64 string from it.

Can you explain why the current solution is not confirming to the RFC and how the new solution is?

[maennchen]

Oh, we didn’t use url_encode64 and used encode64 instead. Did you see invalid characters in the generated string?

In that case leaving the amount of bytes at 96 and using the url safe function will probably solve the issue.

[decius7bc]

According to RFC 7636 section 4.1 the ABNF for the code verifier is as follows:

code-verifier = 43*128unreserved
unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~"
ALPHA = %x41-5A / %x61-7A
DIGIT = %x30-39

The base 64 characters /, + and the padding character = are illegal within the context. I discovered this minor bug while testing with Keycloak 23.0.3, always returning the error PKCE invalid code verifier. 😕

I certainly misunderstood the recommendation note:

NOTE: The code verifier SHOULD have enough entropy to make it impractical to guess the value. It is RECOMMENDED that the output of a suitable random number generator be used to create a 32-octet sequence. The octet sequence is then base64url-encoded to produce a 43-octet URL safe string to use as the code verifier.

Using url_encode64/1 with padding: false will do more suitable.

Updated my PR with another fixup commit.