From 132d2aac729f3f0c8de5759fb034e56918109309 Mon Sep 17 00:00:00 2001
From: Ryan Richard <richardry@vmware.com>
Date: Tue, 19 Apr 2022 11:35:46 -0700
Subject: [PATCH] add a code comment

---
 internal/oidc/discovery/discovery_handler.go      | 6 ++++--
 internal/oidc/discovery/discovery_handler_test.go | 2 +-
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/internal/oidc/discovery/discovery_handler.go b/internal/oidc/discovery/discovery_handler.go
index 8adf2350..f1fb9f82 100644
--- a/internal/oidc/discovery/discovery_handler.go
+++ b/internal/oidc/discovery/discovery_handler.go
@@ -1,4 +1,4 @@
-// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved.
+// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
 // SPDX-License-Identifier: Apache-2.0
 
 // Package discovery provides a handler for the OIDC discovery endpoint.
@@ -37,7 +37,9 @@ type Metadata struct {
 	TokenEndpointAuthMethodsSupported []string `json:"token_endpoint_auth_methods_supported"`
 	ScopesSupported                   []string `json:"scopes_supported"`
 	ClaimsSupported                   []string `json:"claims_supported"`
-	CodeChallengeMethodsSupported     []string `json:"code_challenge_methods_supported"`
+
+	// https://datatracker.ietf.org/doc/html/rfc8414#section-2 says, “If omitted, the authorization server does not support PKCE.”
+	CodeChallengeMethodsSupported []string `json:"code_challenge_methods_supported"`
 
 	// ^^^ Optional ^^^
 
diff --git a/internal/oidc/discovery/discovery_handler_test.go b/internal/oidc/discovery/discovery_handler_test.go
index 293cdad4..f8d8303f 100644
--- a/internal/oidc/discovery/discovery_handler_test.go
+++ b/internal/oidc/discovery/discovery_handler_test.go
@@ -1,4 +1,4 @@
-// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved.
+// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
 // SPDX-License-Identifier: Apache-2.0
 
 package discovery