- @httpPost
Creates a one-time use authorization code.
This method will respond with a redirect that contains an authorization code ('code') and the passed in 'state'. If this request fails, the redirect URL will contain an 'error' key instead of the authorization code.
This method is typically invoked by the login form returned from the GET to this path.
Source
@httpPost Future<Response> authorize( {@HTTPQuery("username") String username, @HTTPQuery("password") String password, @HTTPQuery("scope") String scope}) async { var client = await authServer.clientForID(clientID); if (state == null) { var exception = new AuthServerException(AuthRequestError.invalidRequest, client); return _redirectResponse(null, null, error: exception); } if (responseType != "code") { if (client?.redirectURI == null) { return new Response.badRequest(); } var exception = new AuthServerException(AuthRequestError.invalidRequest, client); return _redirectResponse(null, state, error: exception); } try { var scopes = scope ?.split(" ") ?.map((s) => new AuthScope(s)) ?.toList(); var authCode = await authServer.authenticateForCode(username, password, clientID, requestedScopes: scopes); return _redirectResponse(client.redirectURI, state, code: authCode.code); } on FormatException { return _redirectResponse(null, state, error: new AuthServerException(AuthRequestError.invalidScope, client)); } on AuthServerException catch (e) { return _redirectResponse(null, state, error: e); } }