frankie567 · frankie567 · Feb 6, 2024 · Feb 2, 2024 · Feb 5, 2024 · frankie567
diff --git a/docs/oauth2.md b/docs/oauth2.md
@@ -29,6 +29,8 @@ Returns the authorization URL where you should redirect the user to ask for thei
     * `redirect_uri: str`: Your callback URI where the user will be redirected after the service prompt.
     * `state: str = None`: Optional string that will be returned back in the callback parameters to allow you to retrieve state information.
     * `scope: Optional[List[str]] = None`: Optional list of scopes to ask for.
+    * `code_challenge: Optional[str] = None`: Optional code_challenge in a [PKCE context](https://datatracker.ietf.org/doc/html/rfc7636).
+    * `code_challenge_method: ptional[str] = None`: Optional code_challenge_method in a [PKCE context](https://datatracker.ietf.org/doc/html/rfc7636).
     * `extras_params: Optional[Dict[str, Any]] = None`: Optional dictionary containing parameters specific to the service.
 
 !!! example

diff --git a/httpx_oauth/clients/franceconnect.py b/httpx_oauth/clients/franceconnect.py
@@ -67,7 +67,7 @@ async def get_authorization_url(
             _extras_params["nonce"] = secrets.token_urlsafe()
 
         return await super().get_authorization_url(
-            redirect_uri, state, scope, _extras_params
+            redirect_uri, state, scope, extras_params=_extras_params
         )
 
     async def get_id_email(self, token: str) -> Tuple[str, Optional[str]]:

diff --git a/httpx_oauth/oauth2.py b/httpx_oauth/oauth2.py
@@ -100,6 +100,8 @@ async def get_authorization_url(
         redirect_uri: str,
         state: Optional[str] = None,
         scope: Optional[List[str]] = None,
+        code_challenge: Optional[str] = None,
+        code_challenge_method: Optional[str] = None,
         extras_params: Optional[T] = None,
     ) -> str:
         params = {
@@ -116,6 +118,12 @@ async def get_authorization_url(
         if _scope is not None:
             params["scope"] = " ".join(_scope)
 
+        if code_challenge is not None:
+            params["code_challenge"] = code_challenge
+
+        if code_challenge_method is not None:
+            params["code_challenge_method"] = code_challenge_method
+
         if extras_params is not None:
             params = {**params, **extras_params}  # type: ignore
 

diff --git a/tests/test_oauth2.py b/tests/test_oauth2.py
@@ -93,6 +93,16 @@ async def test_get_authorization_url_with_scopes(self):
         )
         assert "scope=SCOPE1+SCOPE2+SCOPE3" in authorization_url
 
+    @pytest.mark.asyncio
+    async def test_get_authorization_url_with_plain_code_challenge(self):
+        authorization_url = await client.get_authorization_url(
+            REDIRECT_URI,
+            code_challenge="CODE_CHALLENGE",
+            code_challenge_method="plain",
+        )
+        assert "code_challenge=CODE_CHALLENGE" in authorization_url
+        assert "code_challenge_method=plain" in authorization_url
+
     @pytest.mark.asyncio
     async def test_get_authorization_url_with_extras_params(self):
         authorization_url = await client.get_authorization_url(