OAuth – Christopher Davis

How to Debug OAuth Auth Code Login Flows

February 7, 2025February 7, 2025 Christopher Davis

This is from the oauth clients perspective. Some piece of software is implementing a login with Google or Github or {socialPlatform}, and it's not working. Client and Authorization Server are terms found in the OAuth2 spec's section on roles. Errors on the Authorization Server These are often in the form of an invalid_client error code.… Continue reading How to Debug OAuth Auth Code Login Flows

OAuth PKCE with Go

December 7, 2022 Christopher Davis

This is going to describe how to do Proof Key for Code Exchange (PKCE) with Go's golang.org/x/oauth2. A Brief Overview of PKCE PKCE is meant to be an extra layer of client authentication during the authorization code grant flow with public oauth clients (native apps, single page JS apps -- basically anything that cant' kep… Continue reading OAuth PKCE with Go