http4k / org.http4k.security / InsecureCookieBasedOAuthPersistence / assignToken
fun assignToken(request: Request, redirect: Response, accessToken: AccessToken, idToken: IdToken?): Response
Assign the swapped AccessToken (and optional IdToken) returned by the end-service. Opportunity here to modify the response returned to the user when the redirection happens.
Notice that both accessToken and idToken contain the raw response from the authorization server and may require extra validation before use.