OIDC plugin with PKCE code_challenge config?

[kedarkekan]

Hello,

Does OIDC plugin support adding random string a code challange in authorize call for IDP that support clients for authorization flow with PKCE?

We are using a confidential client with client id and client secret for OIDC plugin; however the client for react app is public client that uses PKCE. We observed that kong-oidc during 302 redirection creates a location that UI needs to invoke; however, since the code_challenge is missing from /authorize call, the IDP will fail the request with 400 bad request

[kedarkekan]

Something similar to what kong enterprise oidc plugin does maybe?

config.authorization_query_args_names
config.authorization_query_args_values

ref: https://tech.aufomm.com/kong-oidc-plugin-extra-use-cases/