dmfs / oauth2-essentials

An OAuth2 client implementation based on http-client-essentials.
Apache License 2.0

How to get secret and code_verifier from grant? #104

Open irttboopathy opened 10 months ago

irttboopathy commented 10 months ago

I understand that both secret and code_verifier should be stored on the server, for the next OAuth calls to be made with Authorisation servers.

But I can only get encodedState, which has secret and code_verifier encoded along with other information. The Javadoc says that it would be changed without any notice?

In that case, how would I get those values?

dmfs commented 9 months ago

You don't need to store these values separately. Instead, use the encodedState and an InteractiveGrantFactory to restore the AuthorizationCodeGrant and resume the authentication flow from there. Both values can be discarded after the authentication code has been exchanged for an auth-token and refresh-token.
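
An added example, not part of the thread and not the project's own code: one way to hold the opaque encodedState on the server between the authorization redirect and the callback, and to discard it once it has been used. `PendingGrantStore`, the session ids and the sample state string are hypothetical; restoring the grant through the library's InteractiveGrantFactory is only indicated in a comment.

```java
import java.time.Duration;
import java.time.Instant;
import java.util.Optional;
import java.util.concurrent.ConcurrentHashMap;

/** Hypothetical helper: keeps encodedState server-side, keyed by the user's session. */
public final class PendingGrantStore {
    // The encoded state is treated as an opaque string and never parsed here.
    private record Entry(String encodedState, Instant expires) {}

    private final ConcurrentHashMap<String, Entry> pending = new ConcurrentHashMap<>();
    private final Duration ttl;

    public PendingGrantStore(Duration ttl) {
        this.ttl = ttl;
    }

    /** Call before sending the user to the authorization URL. */
    public void save(String sessionId, String encodedState, Instant now) {
        pending.put(sessionId, new Entry(encodedState, now.plus(ttl)));
    }

    /** Call in the redirect handler. The entry is removed, so a replayed callback finds nothing. */
    public Optional<String> take(String sessionId, Instant now) {
        Entry e = pending.remove(sessionId);
        if (e == null || now.isAfter(e.expires())) {
            return Optional.empty(); // unknown session, already used, or expired
        }
        return Optional.of(e.encodedState());
    }

    public static void main(String[] args) {
        PendingGrantStore store = new PendingGrantStore(Duration.ofMinutes(10));
        Instant t0 = Instant.parse("2024-01-01T00:00:00Z");   // constructed timestamp
        store.save("session-1", "opaque-encoded-state", t0);  // constructed placeholder value

        // First callback: the returned string is what gets handed to the
        // InteractiveGrantFactory to restore the grant and finish the exchange.
        System.out.println("first callback: " + store.take("session-1", t0.plusSeconds(60)));
        // Replayed callback for the same session: nothing left to restore.
        System.out.println("replay:         " + store.take("session-1", t0.plusSeconds(61)));
        // Callback arriving after the TTL: rejected and the entry is gone.
        store.save("session-2", "opaque-encoded-state", t0);
        System.out.println("expired:        " + store.take("session-2", t0.plusSeconds(3600)));
    }
}
```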