fix: Remove Base64 padding in DefaultPKCEProvider (#1375)

* fix: Remove Base64 padding in DefaultPKCEProvider Fixes #1373.

Author: clundin25

oauth2_http/java/com/google/auth/oauth2/DefaultPKCEProvider.java

@@ -90,7 +90,7 @@ private class CodeChallenge {
 
  byte[] digest = md.digest();
 
- this.codeChallenge = Base64.getUrlEncoder().encodeToString(digest);
+ this.codeChallenge = Base64.getUrlEncoder().encodeToString(digest).replace("=", "");
  this.codeChallengeMethod = "S256";
  } catch (NoSuchAlgorithmException e) {
  this.codeChallenge = codeVerifier;

oauth2_http/javatests/com/google/auth/oauth2/DefaultPKCEProviderTest.java

@@ -32,6 +32,7 @@
 package com.google.auth.oauth2;
 
 import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
 
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
@@ -52,10 +53,17 @@ public void testPkceExpected() throws NoSuchAlgorithmException {
 
  byte[] digest = md.digest();
 
- String expectedCodeChallenge = Base64.getUrlEncoder().encodeToString(digest);
+ String expectedCodeChallenge = Base64.getUrlEncoder().encodeToString(digest).replace("=", "");
  String expectedCodeChallengeMethod = "S256";
 
  assertEquals(pkce.getCodeChallenge(), expectedCodeChallenge);
  assertEquals(pkce.getCodeChallengeMethod(), expectedCodeChallengeMethod);
  }
+
+ @Test
+ public void testNoBase64Padding() throws NoSuchAlgorithmException {
+ PKCEProvider pkce = new DefaultPKCEProvider();
+ assertFalse(pkce.getCodeChallenge().endsWith("="));
+ assertFalse(pkce.getCodeChallenge().contains("="));
+ }
 }