SecPrep

Explain the OAuth 2.0 Authorization Code flow with PKCE. Why was the Implicit flow deprecated?

Authorization Code + PKCE is the recommended flow for public clients (SPAs, mobile apps) that cannot safely hold a client secret.

How PKCE works:

  1. The client generates a random code_verifier (≥43 chars) and computes code_challenge = BASE64URL(SHA-256(code_verifier)).
  2. The authorization request includes code_challenge and code_challenge_method=S256.
  3. The server stores the challenge; on successful login, it issues an authorization code.
  4. The client exchanges the code + the original code_verifier for tokens. The server verifies that BASE64URL(SHA-256(code_verifier)) == stored_challenge — only the client that started the flow can complete it.

Why this matters: Without PKCE, if an attacker intercepts the authorization code (via a redirect URI mismatch, an open redirect, or a browser history leak), they can exchange it for tokens. PKCE ensures code interception is useless without the verifier.

Why Implicit was deprecated (RFC 9700):

  • The Implicit flow returned access tokens directly in the URL fragment (e.g. #access_token=...) — exposed in browser history, referrer headers, and server logs.
  • No refresh token was issued, and tokens couldn't be bound to a specific client.
  • PKCE makes Authorization Code safe for public clients, eliminating the need for Implicit entirely.