http4k / org.http4k.security.oauth.server / ClientValidator
interface ClientValidator
Provides a consistent way to retrieve clients attempting to use an authorization code flow
Name | Summary |
---|---|
validateClientId | <ul><li>check that client_id is a valid, registered app</li></ul>abstract fun validateClientId(request: Request , clientId: ClientId ): Boolean |
validateCredentials | Validate that credentials provided by the client match its registration recordsabstract fun validateCredentials(request: Request , clientId: ClientId , clientSecret: String ): Boolean |
validateRedirection | <ul><li>redirection URI is one of the allowed ones for that client</li></ul>abstract fun validateRedirection(request: Request , clientId: ClientId , redirectionUri: Uri ): Boolean |
validateScopes | <ul><li>scopes are allowed for that client</li></ul>abstract fun validateScopes(request: Request , clientId: ClientId , scopes: List < String >): Boolean |