Still learning hydra & OIDC. When using PKCE I understand we need to set code_challenge and code_challenge_method but I do not see any mention of code_challenge_methods_supported in the discovery document (.well-known/openid-configuration). I was expecting something along the lines:
"code_challenge_methods_supported": [
"plain",
"S256"
]
Is there a reason for this, or is this an oversight?
I think you’re confiusing OpenID Connect discovery with OAuth 2.0 discovery 
The second of which is not supported by hydra atm
I guess I am. rfc8414 mentions code_challenge_methods_supported for the purpose of PKCE (https://tools.ietf.org/html/rfc7636) while all OIDC specs seem not ratified by IETF, while OIDC is said to be a standard on top of oauth 2.0. It is a confusing space to work in.
I asked because I was looking into PKCE, found out about code_challenge_method and found code_challenge_methods_supported in https://accounts.google.com/.well-known/openid-configuration so let me rephrase the question: is Google stretching the specs here? Again, still learning about OIDC, I understand this is not really about Hydra.
That’s possible!