diff --git a/config/locales/doorkeeper.en.yml b/config/locales/doorkeeper.en.yml
index 3b3b141afa7..f0a47651cb4 100644
--- a/config/locales/doorkeeper.en.yml
+++ b/config/locales/doorkeeper.en.yml
@@ -83,7 +83,10 @@ en:
 access_denied: The resource owner or authorization server denied the request.
 credential_flow_not_configured: Resource Owner Password Credentials flow failed due to Doorkeeper.configure.resource_owner_from_credentials being unconfigured.
 invalid_client: Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method.
- invalid_code_challenge_method: The code challenge method must be S256, plain is unsupported.
+ invalid_code_challenge_method:
+ one: The code_challenge_method must be %{challenge_methods}.
+ other: The code_challenge_method must be one of %{challenge_methods}.
+ zero: The authorization server does not support PKCE as there are no accepted code_challenge_method values.
 invalid_grant: The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.
 invalid_redirect_uri: The redirect uri included is not valid.
 invalid_request:
diff --git a/spec/system/oauth_spec.rb b/spec/system/oauth_spec.rb
index 19235eab425..bba4b03ace3 100644
--- a/spec/system/oauth_spec.rb
+++ b/spec/system/oauth_spec.rb
@@ -98,28 +98,27 @@ RSpec.describe 'Using OAuth from an external app' do
 context 'when using plain code challenge method' do
 let(:pkce_code_challenge_method) { 'plain' }
- it 'does not include the PKCE values in the response' do
+ it 'shows an error message and does not include the PKCE values or authorize button' do
 subject
- expect(page).to have_no_css('.oauth-prompt input[name=code_challenge]')
- expect(page).to have_no_css('.oauth-prompt input[name=code_challenge_method]')
- end
-
- it 'does not include the authorize button' do
- subject
-
- expect(page).to have_no_css('.oauth-prompt button[type="submit"]')
- end
-
- it 'includes an error message' do
- subject
+ expect(page)
+ .to have_no_css('.oauth-prompt input[name=code_challenge]')
+ .and have_no_css('.oauth-prompt input[name=code_challenge_method]')
+ .and have_no_css('.oauth-prompt button[type="submit"]')
 within '.form-container .flash-message' do
- # FIXME: Replace with doorkeeper.errors.messages.invalid_code_challenge_method.one for Doorkeeper > 5.8.0
- # see: https://github.com/doorkeeper-gem/doorkeeper/pull/1747
- expect(page).to have_content(I18n.t('doorkeeper.errors.messages.invalid_code_challenge_method'))
+ expect(page)
+ .to have_content(doorkeeper_invalid_code_message)
 end
 end
+
+ def doorkeeper_invalid_code_message
+ I18n.t(
+ 'doorkeeper.errors.messages.invalid_code_challenge_method',
+ challenge_methods: Doorkeeper.configuration.pkce_code_challenge_methods.join(', '),
+ count: Doorkeeper.configuration.pkce_code_challenge_methods.length
+ )
+ end
 end
 context 'when the user has yet to enable TOTP' do
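Review bot: The new `doorkeeper_invalid_code_message` helper reads `Doorkeeper.configuration.pkce_code_challenge_methods` twice, once for the interpolated list and once for `count`; binding it once keeps the two arguments guaranteed to describe the same list and reads cleaner: `methods = Doorkeeper.configuration.pkce_code_challenge_methods`, then `challenge_methods: methods.join(', ')` and `count: methods.length`. The helper name also undersells what it builds — it is the invalid code_challenge_method message, so `doorkeeper_invalid_code_challenge_method_message` would match the locale key it renders. The `.join(', ')` formatting presumably mirrors how Doorkeeper itself fills `%{challenge_methods}`; since a mismatch would only surface as a failing `have_content` at runtime, a one-line comment above the `I18n.t` call noting that the separator must stay in step with the gem would help the next maintainer. The enclosing `RSpec.describe` block starts before the hunk and the `context` on the last line continues after it.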