vck-openid/at.asitplus.wallet.lib.oauth2/AuthorizationService

AuthorizationService

Provides interface for implementing an OAuth 2.0 Authorization Server, which may be used with an at.asitplus.wallet.lib.oidvci.OAuth2AuthorizationServerAdapter for a at.asitplus.wallet.lib.oidvci.CredentialIssuer.

Inheritors

SimpleQtspAuthorizationService

SimpleAuthorizationService

Functions

authorize

abstract suspend fun authorize(input: RequestParameters, loadUserFun: OAuth2LoadUserFun): KmmResult<AuthenticationResponseResult.Redirect>

Builds the authentication response for this specific user from loadUserFun. Send this result as HTTP Header Location in a 302 response to the client.

par

abstract suspend fun par(request: RequestParameters, httpRequest: RequestInfo? = null): KmmResult<PushedAuthenticationResponseParameters>

abstract suspend fun par(input: String, httpRequest: RequestInfo? = null): KmmResult<PushedAuthenticationResponseParameters>

Pushed authorization request endpoint as defined in RFC 9126. Clients send their authorization request as HTTP POST with application/x-www-form-urlencoded to the AS.

token

abstract suspend fun token(request: TokenRequestParameters, httpRequest: RequestInfo? = null): KmmResult<TokenResponseParameters>

Verifies the authorization code sent by the client and issues an access token. Send this value JSON-serialized back to the client.

tokenIntrospection

abstract suspend fun tokenIntrospection(request: TokenIntrospectionRequest, httpRequest: RequestInfo? = null): KmmResult<TokenIntrospectionResponse>

RFC7662: OAuth 2.0 Token Introspection

userInfo

abstract suspend fun userInfo(authorizationHeader: String, httpRequest: RequestInfo? = null): KmmResult<JsonObject>

Returns the user info associated with this access token, when the token in authorizationHeader is correct.