From d1f32c3f65e003d4610a080e8f0b212781758c3c Mon Sep 17 00:00:00 2001
From: Peter Bwire <bwire517@gmail.com>
Date: Fri, 8 Dec 2023 07:36:27 +0300
Subject: [PATCH] use authorization code with PKCE for client browser

---
 lib/openid_client_browser.dart | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/lib/openid_client_browser.dart b/lib/openid_client_browser.dart
index fcfda0a..8247bc5 100644
--- a/lib/openid_client_browser.dart
+++ b/lib/openid_client_browser.dart
@@ -1,6 +1,8 @@
-import 'openid_client.dart';
-import 'dart:html' hide Credential, Client;
 import 'dart:async';
+import 'dart:html' hide Credential, Client;
+
+import 'openid_client.dart';
+
 export 'openid_client.dart';
 
 /// A wrapper around [Flow] that handles the browser-specific parts of
@@ -35,11 +37,15 @@ class Authenticator {
   Authenticator._(this.flow) : credential = _credentialFromUri(flow);
 
   Authenticator(Client client,
-      {Iterable<String> scopes = const [], String? device, String? prompt})
-      : this._(Flow.implicit(client,
-            device: device,
+      {Iterable<String> scopes = const [],
+      String? prompt,
+      String? codeVerifier,
+      Map<String, String>? additionalParameters})
+      : this._(Flow.authorizationCodeWithPKCE(client,
             state: window.localStorage['openid_client:state'],
-            prompt: prompt)
+            prompt: prompt,
+            codeVerifier: codeVerifier,
+            additionalParameters: additionalParameters)
           ..scopes.addAll(scopes)
           ..redirectUri = Uri.parse(window.location.href).removeFragment());