From 24a4ee0ba5776f7a119824946ab7bdf9e4d02fd0 Mon Sep 17 00:00:00 2001
From: JuliusPC
Date: Fri, 14 May 2021 14:47:35 +0200
Subject: [PATCH] fix automatic PKCE

---
 CHANGELOG.md | 5 +++++
 src/OpenIDConnectClient.php | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 220b735d..3fe591de 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,11 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](http://semver.org/).
 
+## [1.1.1]
+
+### Changed
+* fixed automatic PKCE
+
 ## [1.1.0]
 
 ### Added
diff --git a/src/OpenIDConnectClient.php b/src/OpenIDConnectClient.php
index 951719ab..1765e973 100644
--- a/src/OpenIDConnectClient.php
+++ b/src/OpenIDConnectClient.php
@@ -698,7 +698,7 @@ private function requestAuthorization() {
 // PKCE will only used in pure authorization code flow and hybrid flow
 if (!$this->unsafeDisablePkce
 && !empty($this->getCodeChallengeMethod())
- && count(array_diff($this->responseTypes, ['token', 'id_token'])) > 0
+ && (empty($this->responseTypes) || count(array_diff($this->responseTypes, ['token', 'id_token'])) > 0)
 ) {
 $codeVerifier = \bin2hex(\random_bytes(64));
 $this->setCodeVerifier($codeVerifier);
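Review bot: The new `empty($this->responseTypes)` branch in the PKCE condition of requestAuthorization() relies on an unstated rule that an empty list means the default authorization code flow, and nothing in the hunk says so. I would add a comment above the condition such as `// empty responseTypes: the default response_type (presumably "code") is sent, so PKCE applies`. The old condition skipped PKCE in that case without any error, and the diffstat lists only CHANGELOG.md and src/OpenIDConnectClient.php, so no test guards this. A regression test asserting that the authorization request carries `code_challenge` when no response types are set would keep the protection from silently dropping out again. The function body starts and ends outside the hunk, so how the default response type is chosen could not be confirmed here.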