Open rafaeltab opened 2 years ago
a) Exchange an authorization code for access token and refresh token
b) Refresh a refresh token and get an access_token
```mermaid
flowchart TD
    %%actors%%
    db[(Database)]
    user([User])
    client([User])

    %%actions%%
    get_tokens[[Get tokens]]
    get_tokens_for_authorization_code[[Get tokens for authorization code]]
    get_tokens_for_refresh_token[[Get tokens for refresh token]]

    %%steps%%
    check_grant_type{{Check grant type}}
    check_if_state_matches_redirect_uri{{Check if state matches redirect uri}}
    check_if_state_matches_clientid{{Check if state matches clientid}}
    check_if_refresh_tokens_match_clientid{{Check if clientid matches refresh_tokens}}
    check_if_clientid_valid{{Check if clientid is valid}}
    issue_tokens{{Issue tokens}}
    return_error{{Return error}}

    %%graph%%
    user-->get_tokens
    subgraph Server
        get_tokens-->check_grant_type
        check_grant_type-- Anything else --> return_error
        check_grant_type-- was authorization_code -->get_tokens_for_authorization_code
        check_grant_type-- was refresh_token -->get_tokens_for_refresh_token
        subgraph authorization_code
            get_tokens_for_authorization_code-->check_if_state_matches_redirect_uri
            check_if_state_matches_redirect_uri-->check_if_state_matches_clientid
        end
        subgraph refresh_token
            get_tokens_for_refresh_token-->check_if_refresh_tokens_match_clientid
        end
        check_if_refresh_tokens_match_clientid-->check_if_clientid_valid
        check_if_state_matches_clientid-->check_if_clientid_valid
        check_if_clientid_valid-->issue_tokens
        issue_tokens
    end
    issue_tokens-- Return with tokens -->client
    return_error-- Return with error -->client
    issue_tokens---db
    check_if_clientid_valid---db
```
public /api/v%version%/auth/tokens
POST
Implementation
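The check order from the flowchart above, as an added Python sketch that is not part of the issue or the project's code. The in-memory dictionaries standing in for the database, the form field names, the sample values and the RFC 6749 error codes are assumptions. Consuming the authorization code on first use is also not in the diagram.

```python
import secrets

# Constructed stand-ins for the "Database" node; every value is sample data.
CLIENTS = {"web-app"}
AUTH_CODES = {"code-123": {"client_id": "web-app",
                           "redirect_uri": "https://app.example/cb"}}
REFRESH_TOKENS = {"rt-abc": {"client_id": "web-app"},
                  "rt-old": {"client_id": "removed-app"}}  # client since deleted


class TokenError(Exception):
    """Corresponds to the diagram's "Return error" node."""


def issue_tokens(client_id):
    # Store the new refresh token bound to the client that requested it.
    refresh = secrets.token_urlsafe(32)
    REFRESH_TOKENS[refresh] = {"client_id": client_id}
    return {"access_token": secrets.token_urlsafe(32), "refresh_token": refresh}


def get_tokens(form):
    """Handle POST /auth/tokens; `form` is the decoded request body (assumed shape)."""
    grant_type = form.get("grant_type")
    client_id = form.get("client_id")

    if grant_type == "authorization_code":
        # pop() makes the code single-use (RFC 6749 section 4.1.2; not in the diagram).
        state = AUTH_CODES.pop(form.get("code"), None)
        if state is None:
            raise TokenError("invalid_grant")
        # Check if state matches redirect uri, then clientid.
        if state["redirect_uri"] != form.get("redirect_uri"):
            raise TokenError("invalid_grant")
        if state["client_id"] != client_id:
            raise TokenError("invalid_grant")
    elif grant_type == "refresh_token":
        # Check if clientid matches the client the refresh token was issued to.
        state = REFRESH_TOKENS.get(form.get("refresh_token"))
        if state is None or state["client_id"] != client_id:
            raise TokenError("invalid_grant")
    else:
        raise TokenError("unsupported_grant_type")

    # Both branches converge on "Check if clientid is valid" before issuing.
    if client_id not in CLIENTS:
        raise TokenError("invalid_client")
    return issue_tokens(client_id)
```

The `rt-old` entry shows why the shared client check sits after both branches: a refresh token can still match its stored client while that client is no longer registered.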