!!! Overview
The [{$pagename}] is specified in the [Proof Key for Code Exchange by OAuth Public Clients]

The [OAuth Client] then creates a [{$pagename}] derived from the [code_verifier] by using one of the following transformations on the [code_verifier]:
*  plain [{$pagename}] = [code_verifier]
*  [S256] [{$pagename}] = base64url.[encode|Encoding]([crypto|Cryptography].[createHash|Hash Function]('sha256').update(code_verifier).digest());

If the [OAuth Client] is capable of using "S256", it MUST use "S256", as "[S256]" is [Mandatory To Implement] (MTI) on the server.  [OAuth Clients] are permitted to use "plain" only if they cannot support "[S256]" for some technical reason and know via out of band configuration that the server supports "plain".

The plain transformation is for compatibility with existing deployments and for constrained environments that can't use the [S256] transformation.

ABNF for "code_challenge" is as follows.
%%prettify 
{{{
code-challenge = 43*128unreserved
unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~"
ALPHA = %x41-5A / %x61-7A
DIGIT = %x30-39
}}} /%

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]