-
Notifications
You must be signed in to change notification settings - Fork 24
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #18 from FusionAuth/add-code-verifier-parameter
Added code verifier as a parameter.
- Loading branch information
Showing
2 changed files
with
66 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
64 changes: 64 additions & 0 deletions
64
src/main/api/exchangeOAuthCodeForAccessTokenUsingPKCE.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,64 @@ | ||
{ | ||
"uri": "/oauth2/token", | ||
"comments": [ | ||
"Exchanges an OAuth authorization code and code_verifier for an access token.", | ||
"Makes a request to the Token endpoint to exchange the authorization code returned from the Authorize endpoint and a code_verifier for an access token." | ||
], | ||
"method": "post", | ||
"methodName": "exchangeOAuthCodeForAccessTokenUsingPKCE", | ||
"successResponse": "AccessToken", | ||
"errorResponse": "OAuthError", | ||
"anonymous": true, | ||
"params": [ | ||
{ | ||
"name": "code", | ||
"comments": [ | ||
"The authorization code returned on the /oauth2/authorize response." | ||
], | ||
"type": "form", | ||
"javaType": "String" | ||
}, | ||
{ | ||
"name": "client_id", | ||
"comments": [ | ||
"(Optional) The unique client identifier. The client Id is the Id of the FusionAuth Application in which you you are attempting to authenticate. This parameter is optional when the Authorization header is provided." | ||
], | ||
"type": "form", | ||
"javaType": "String" | ||
}, | ||
{ | ||
"name": "client_secret", | ||
"comments": [ | ||
"(Optional) The client secret. This value may optionally be provided in the request body instead of the Authorization header." | ||
], | ||
"type": "form", | ||
"javaType": "String" | ||
}, | ||
{ | ||
"name": "grant_type", | ||
"comments": [ | ||
"The grant type to be used. This value must be set to authorization_code" | ||
], | ||
"type": "form", | ||
"javaType": "String", | ||
"constant": true, | ||
"value": "authorization_code" | ||
}, | ||
{ | ||
"name": "redirect_uri", | ||
"comments": [ | ||
"The URI to redirect to upon a successful request." | ||
], | ||
"type": "form", | ||
"javaType": "String" | ||
}, | ||
{ | ||
"name": "code_verifier", | ||
"comments": [ | ||
"The random string generated previously. Will be compared with the code_challenge sent previously, which allows the OAuth provider to authenticate your app." | ||
], | ||
"type": "form", | ||
"javaType": "String" | ||
} | ||
] | ||
} |