Authorization request

[Trung Pham Quoc]

Hi team,

I am working on implement PKCE onto our team customized browser.  Yet I cannot find in the sign in code (which unfortunately spans many subdirs) where the authorization request are made to retrieve the authorization code so I can send code challenge along with it. Do you guys have any suggestion where I should look for?

[Trung Pham Quoc]

I should have been a bit more clear. The sign in flow is the Dice sign in flow when you start the browser up and add new user to the browser, right then you are redirect to the authentication endpoint of Google service. My question is where the code that make the auth request to google auth server. Thank you and have a nice day!

[Alex Ilin]

I can give you code pointers but be aware that some APIs Chrome uses for sign-in are restricted to first-party: https://www.chromium.org/developers/how-tos/api-keys/#signing-in-to-chromium-is-restricted

GaiaAuthFetcher::StartAuthCodeForOAuth2TokenExchangeI() is the function that exchanges an auth code for a OAuth2 refresh token.

Chrome obtains an authorization code at sign-in through the first-party DICE protocol. 

--
--
Chromium Developers mailing list: chromi...@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-dev
---
You received this message because you are subscribed to the Google Groups "Chromium-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-dev...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-dev/c99426c6-5317-4ff9-96f2-c76c09827ac0n%40chromium.org.