Appendix B. Example for the S256 code_challenge_method

The client uses output of a suitable random number generator to create a 32-octet sequence. The octets representing the value in this example (using JSON array notation) are:

[116, 24, 223, 180, 151, 153, 224, 37, 79, 250, 96, 125, 216, 173,
 187, 186, 22, 212, 37, 77, 105, 214, 191, 240, 91, 88, 5, 88, 83,
 132, 141, 121]

Encoding this octet sequence as base64url provides the value of the code_verifier:

dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk

The code_verifier is then hashed via the SHA256 hash function to produce:

[19, 211, 30, 150, 26, 26, 216, 236, 47, 22, 177, 12, 76, 152, 46,
 8, 118, 168, 120, 173, 109, 241, 68, 86, 110, 225, 137, 74, 203,
 112, 249, 195]

Encoding this octet sequence as base64url provides the value of the code_challenge:

E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM

The authorization request includes:

code_challenge=E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM
&code_challenge_method=S256

The authorization server then records the code_challenge and code_challenge_method along with the code that is granted to the client.

In the request to the token_endpoint, the client includes the code received in the authorization response as well as the additional parameter:

code_verifier=dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk

The authorization server retrieves the information for the code grant. Based on the recorded code_challenge_method being S256, it then hashes and base64url-encodes the value of code_verifier:

BASE64URL-ENCODE(SHA256(ASCII(code_verifier)))

The calculated value is then compared with the value of "code_challenge":

BASE64URL-ENCODE(SHA256(ASCII(code_verifier))) == code_challenge

If the two values are equal, then the authorization server can provide the tokens as long as there are no other errors in the request. If the values are not equal, then the request must be rejected, and an error returned.

---