OAuth2StateProvider

interface OAuth2StateProvider

Deprecated: Use NonceManager instead

Provides states for OAuth2. State could be just a random number (nonce) or could contain additional form fields or a signature. It is important that it should be a way to verify state. So all states need to be saved somehow or a state need to be a signed set of parameters that could be verified later

Functions

getState

abstract suspend fun getState(call: ApplicationCall): String

Generates a new state for given call

verifyState

abstract suspend fun verifyState(state: String): Unit

Verifies state and throws exceptions if it’s not valid

Inheritors

DefaultOAuth2StateProvider

object DefaultOAuth2StateProvider : OAuth2StateProvider

The default state provider that does generate random nonce and don’t keep them