Base64 URL-encoded SHA-256 hash of the code verifier

RichardP · August 20, 2020, 11:34pm

Someone have an example of how to do this in Javascript?

The examples in the developer docs show

code_verifier
M25iVXpKU3puUjFaYWg3T1NDTDQtcW1ROUY5YXlwalNoc0hhakxifmZHag

code_challenge
qjrzSW9gMiUgpUvqgEPE4_-8swvyCtfOVvg55o5S_es

But when I run the code verifier through nearly every online SHA 256 Hash generator I get
aa3af3496f60322520a54bea8043c4e3ffbcb30bf20ad7ce56f839e68e52fdeb

phi1ipp · August 22, 2020, 4:04am

Taken from here - https://tonyxu-io.github.io/pkce-generator/

    function generateCodeChallenge(code_verifier) {
      return code_challenge = base64URL(CryptoJS.SHA256(code_verifier))
    }
    function base64URL(string) {
      return string.toString(CryptoJS.enc.Base64).replace(/=/g, '').replace(/\+/g, '-').replace(/\//g, '_')
    }

Post		Replies	Views
Code to generate code verifier and code challenge Questions	3	4589	June 19, 2020
How to do PKCE challenge in PHP OAuth/OIDC php	2	9234	October 11, 2017
Help with Invalid code_challenge_method Questions	6	5538	February 8, 2024
What is Code Verifier and Why? Questions	3	3955	March 23, 2024
PKCE Verification Failed Intermittent C# Questions	4	5560	April 6, 2021

Base64 URL-encoded SHA-256 hash of the code verifier

Related topics