interface OAuth2StateProvider
Provides states for OAuth2. State could be just a random number (nonce) or could contain additional form fields or a signature. It is important that it should be a way to verify state. So all states need to be saved somehow or a state need to be a signed set of parameters that could be verified later
abstract suspend fun getState(call: ApplicationCall): String
Generates a new state for given call |
|
abstract suspend fun verifyState(state: String): Unit
Verifies state and throws exceptions if it's not valid |
object
The default state provider that does generate random nonce and don't keep them |