Supplying original /authorize PKCE code_challenge and state to Okta Signin Widget

I’m trying to add the Okta sign-in widget to my mobile app’s backend web API, which currently uses the OAuth 2.0 Authorization Code with PKCE grant flow.

The mobile app is already performing a call to my backend’s /authorize endpoint with all of the necessary parameters - codeChallenge, scope, state, et cetera. However, when I use the sign-in widget, it generates a new PKCE when performing .showSignInAndRedirect(), and sends the widget-generated codeChallenge to the authorization server instead of the codeChallenge I started the overall authorization flow with.

Is there a way I can override the widget’s PKCE with the /authorize data I’ve already got? Particularly, I’m interested in overriding the PKCE, but I will also need to override the state as well.

I can’t use .showSignInToGetTokens(), as the app will still post to my /token endpoint.

Here’s my current configuration - I’m using 5.7.3 of the sign-in widget from the CDN. I’m trying to use .showSignInAndRedirect() because it seems to be the best option to use when augmenting an /authorize endpoint.

const signIn = new OktaSignIn({
    baseUrl: {{oktaDomain}},
    el: '#widget-container',
    clientId: {{clientId}},
    redirectUri: {{redirectUri}}, // registered in my Okta SPA app
    scope: ['openid', 'profile'],
    authParams: {
        issuer: authIssuer
    }
});

signIn.showSignInAndRedirect()
    .catch(function (error) {
        // Handle error
        console.log(error);
    });

An update - I’ve figured out how to supply state to the sign-in widget.

My setup looks like this now:

const signIn = new OktaSignIn({
    baseUrl: {{oktaDomain}},
    el: '#widget-container',
    clientId: {{clientId}},
    redirectUri: {{redirectUri}}, // registered in my Okta SPA app
    scope: ['openid', 'profile'],
    authParams: {
        issuer: authIssuer
    },
    state: {{original_state}}
});

signIn.showSignInAndRedirect()
    .catch(function (error) {
        // Handle error
        console.log(error);
    });

I still need to figure out how to handle passing code_challenge as part of the config before I call showSignInAndRedirect().