python-social-auth · nijel · Jan 31, 2024 · Jan 30, 2024 · Jan 30, 2024 · Jan 31, 2024
diff --git a/social_core/backends/etsy.py b/social_core/backends/etsy.py
@@ -7,9 +7,11 @@ class EtsyOAuth2(BaseOAuth2PKCE):
     AUTHORIZATION_URL = "https://www.etsy.com/oauth/connect"
     ACCESS_TOKEN_URL = "https://api.etsy.com/v3/public/oauth/token"
     REFRESH_TOKEN_URL = "https://api.etsy.com/v3/public/oauth/token"
+    PKCE_DEFAULT_CODE_CHALLENGE_METHOD = "S256"
     ACCESS_TOKEN_METHOD = "POST"
     REQUEST_TOKEN_METHOD = "POST"
     SCOPE_SEPARATOR = " "
+    REDIRECT_STATE = False
     EXTRA_DATA = [
         ("refresh_token", "refresh_token"),
         ("expires_in", "expires_in"),
@@ -38,5 +40,5 @@ def get_user_details(self, response):
             "last_name": response["last_name"],
             "email": response["primary_email"],
             "image_url_75x75": response["image_url_75x75"],
-            "username": response["user_id"],
+            "username": str(response["user_id"]),
         }
diff --git a/social_core/backends/oauth.py b/social_core/backends/oauth.py
@@ -494,7 +494,7 @@ def get_code_verifier(self):
 
     def generate_code_challenge(self, code_verifier, challenge_method):
         method = challenge_method.lower()
-        if method == "s256":
+        if method in ["s256", "S256"]:
             hashed = hashlib.sha256(code_verifier.encode()).digest()
             encoded = base64.urlsafe_b64encode(hashed)
             code_challenge = encoded.decode().replace("=", "")  # remove padding

diff --git a/social_core/tests/backends/oauth.py b/social_core/tests/backends/oauth.py
@@ -164,14 +164,15 @@ def do_login(self):
         code_challenge = auth_request.querystring.get("code_challenge")[0]
         code_challenge_method = auth_request.querystring.get("code_challenge_method")[0]
         self.assertIsNotNone(code_challenge)
-        self.assertEqual(code_challenge_method, "s256")
+        self.assertTrue(code_challenge_method in ["s256", "S256"])
 
         auth_complete = [
             r for r in requests if self.backend.access_token_url() in r.url
         ][0]
         code_verifier = auth_complete.parsed_body.get("code_verifier")[0]
         self.assertEqual(
-            self.backend.generate_code_challenge(code_verifier, "s256"), code_challenge
+            self.backend.generate_code_challenge(code_verifier, code_challenge_method),
+            code_challenge,
         )
 
         return user