PRISMA-2021-0041 - There is no support for PKCE implementation in the oauthlib client

[bobpach]

PRISMA-2021-0041 - There is no support for PKCE implementation in the oauthlib client. Client-side PKCE for OAuth2 RFC 7636 is required for applications to have secure communication with the authorization server. OAuth 2.0 public clients utilizing the Authorization Code Grant are susceptible to the authorization code interception attack.*Describe the bug

[jjlangen]

I also have this issue. It seems there is an (in)active PR on this issue #743

[rigzba21]

Hi all! I'm running into the same issue with finding PRISMA-2021-0041. I'd love to help out with #743 in any way possible!

[auvipy]

you can help to address the review comments

[rigzba21]

I will do just that! Thanks for pointing me in the right direction.

[gandhirajan]

@auvipy I saw that the PR related to this issue is merged. Could please provide some info on when is the planned release for this fix?

[auvipy]

we can expect very soon, we just need a license issue fixed and update some release notes #766

[gandhirajan]

@auvipy Thanks for the instant update.

[auvipy]

closing in favor of #786