Record session state for authorization server

nuts-foundation / nuts-node

The reference implementation of the Nuts specification. A decentralized identity network based on the w3c ssi concepts with practical functionality for the healthcare domain.

https://nuts-foundation.gitbook.io

GNU General Public License v3.0

25 stars 16 forks source link

Record session state for authorization server #2391

Closed woutslakhorst closed 1 year ago

woutslakhorst commented 1 year ago

The authorization server must link the nonce's, authorization code and access token to the correct flow. This is already done for the openID4VCI flow. This in-memory store can be reused.

woutslakhorst commented 1 year ago

The s2s flow will directly request an access token, the resulting token should be linked in-memory to the original request for introspection purposes.