Summary

Generates the PKCE code challenge by applying the S256 transformation (base64url(SHA256(verifier))) recommended by RFC 7636 §4.2 for public clients. The same guidance is echoed by the OWASP OAuth 2.0 cheat sheet, so this helper always uses SHA-256 plus URL-safe base64 encoding.

new(opts \\ [])

Generates a fresh PKCE triple.

Types

t()

@type t() :: %Immich.API.PKCE{
  code_challenge: String.t(),
  code_verifier: String.t(),
  state: String.t()
}

Functions

challenge(code_verifier)

@spec challenge(String.t()) :: String.t()

Generates the PKCE code challenge by applying the S256 transformation (base64url(SHA256(verifier))) recommended by RFC 7636 §4.2 for public clients. The same guidance is echoed by the OWASP OAuth 2.0 cheat sheet, so this helper always uses SHA-256 plus URL-safe base64 encoding.

new(opts \\ [])

@spec new(keyword()) :: t()

Generates a fresh PKCE triple.

Options:

:verifier_length - target length for the code verifier (default: 64)
:state_length - target length for the state token (default: 32)
:rand_fun - function that receives a positive integer and returns that many random bytes

Immich.API.PKCE (ex_immich v0.1.1)

Summary

Types

Functions

Types

t()

Functions

challenge(code_verifier)

new(opts \\ [])