http4k / org.http4k.security.oauth.server / ClientValidator
interface ClientValidator
Provides a consistent way to retrieve clients attempting to use an authorization code flow
| Name | Summary |
|---|---|
| validateClientId | <ul><li>check that client_id is a valid, registered app</li></ul>abstract fun validateClientId(request: Request, clientId: ClientId): Boolean |
| validateCredentials | Validate that credentials provided by the client match its registration recordsabstract fun validateCredentials(request: Request, clientId: ClientId, clientSecret: String): Boolean |
| validateRedirection | <ul><li>redirection URI is one of the allowed ones for that client</li></ul>abstract fun validateRedirection(request: Request, clientId: ClientId, redirectionUri: Uri): Boolean |
| validateScopes | <ul><li>scopes are allowed for that client</li></ul>abstract fun validateScopes(request: Request, clientId: ClientId, scopes: List<String>): Boolean |