class Doorkeeper::OAuth::AuthorizationCodeRequest
def validate_code_verifier
if either side (server or client) request pkce, check the verifier
def validate_code_verifier return true unless grant.uses_pkce? || code_verifier return false unless grant.pkce_supported? if grant.code_challenge_method == "S256" grant.code_challenge == AccessGrant.generate_code_challenge(code_verifier) elsif grant.code_challenge_method == "plain" grant.code_challenge == code_verifier else false end end