mirror of
https://github.com/OpenRouterTeam/spawn.git
synced 2026-05-08 01:51:14 +00:00
Implements RFC 7636 PKCE with S256 code challenge method for the OpenRouter OAuth authorization flow. This prevents authorization code interception attacks by binding the code to a cryptographic verifier.

Changes:
- Generate code_verifier (32 random bytes, base64url-encoded)
- Derive code_challenge via SHA-256 + base64url
- Send code_challenge + code_challenge_method=S256 in auth URL
- Send code_verifier + code_challenge_method in token exchange POST
- Add test suite with RFC 7636 Appendix B test vector validation

Co-authored-by: Claude <claude@anthropic.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-authored-by: L <6723574+louisgv@users.noreply.github.com>

||
|---|---|---|
| cli | ||
| shared | ||