How to handle PKCE with Google Oauth2? #773

conceptofmind · 2025-05-20T19:26:55Z

conceptofmind
May 20, 2025

Hello,

Thank you for all of your great work.

I was wondering what the best way to handle PKCE with the Google Oauth2 flow would be?

Should I say do we just set code_challenge_method="S256" and that handles it:

@auth_router.get("/login/google")
async def login_google(request: Request):
    redirect_uri = FASTAPI_BACKEND_URL + "/auth/"
    return await oauth.google.authorize_redirect(
        request, 
        redirect_uri,
        code_challenge_method="S256"
    )

Or does the coder verifier need to be explicitly defined:

@auth_router.get("/login/google")
async def login_google(request: Request):
    redirect_uri = FASTAPI_BACKEND_URL + "/auth/"
    code_verifier = generate_token(48)
    request.session["code_verifier"] = code_verifier
    return await oauth.google.authorize_redirect(
        request, 
        redirect_uri,
        code_challenge_method="S256",
        code_verifier=code_verifier
    )

And then on the callback:

@auth_router.get("/auth")
async def auth_google_callback(request: Request, db: AsyncDB):
    logger.info(request.session)
    # await google access token
    try:

        code_verifier = request.session.get("code_verifier")
        if not code_verifier:
            logger.error("Code verifier not found in session")
            return RedirectResponse(url=f'{NEXTJS_FRONTEND_URL}/login?error=missing_verifier')

        token = await oauth.google.authorize_access_token(request)
    except OAuthError as e:
        logger.error(f"OAuth error during callback: {str(e)}")
        return RedirectResponse(url=f'{NEXTJS_FRONTEND_URL}/login?error={str(e)}')

Thank you,

Enrico

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

How to handle PKCE with Google Oauth2? #773

Uh oh!

{{title}}

Uh oh!

Replies: 0 comments

Select a reply

Uh oh!

Uh oh!

How to handle PKCE with Google Oauth2? #773

Uh oh!

conceptofmind May 20, 2025

Replies: 0 comments

conceptofmind
May 20, 2025