「应用安全」OAuth和OpenID Connect的全面比较(45)

String computedChallenge = computeChallenge(acEntity verifier);

if (challenge.equals(computedChallenge))

{

// OK. The presented code_verifier is valid.

return;

// The code challenge value computed with 'code_verifier'

// is different from 'code_challenge' contained in the

// authorization request.

throw toException(invalid_grant A050315);

private String computeChallenge(

AuthorizationCodeEntity acEntity String verifier)

{

CodeChallengeMethod method = acEntity.getCodeChallengeMethod();
