validations.rb in doorkeeper-5.8.0

- old
+ new

@@ -9,10 +9,11 @@
       #
       def validate!
         validate_reuse_access_token_value
         validate_token_reuse_limit
         validate_secret_strategies
+        validate_pkce_code_challenge_methods
       end
 
       private
 
       # Determine whether +reuse_access_token+ and a non-restorable
@@ -45,9 +46,20 @@
         ::Rails.logger.warn(
           "[DOORKEEPER] You have configured an invalid value for token_reuse_limit option. " \
           "It will be set to default 100",
         )
         @token_reuse_limit = 100
+      end
+
+      def validate_pkce_code_challenge_methods
+        return if pkce_code_challenge_methods.all? {|method| method =~ /^plain$|^S256$/ }
+
+        ::Rails.logger.warn(
+          "[DOORKEEPER] You have configured an invalid value for pkce_code_challenge_methods option. " \
+          "It will be set to default ['plain', 'S256']",
+        )
+
+        @pkce_code_challenge_methods = ['plain', 'S256']
       end
     end
   end
 end