|
DeterministicESPAsyncWebServer v6.28.0
Zero-allocation, bounded-execution async HTTP server for ESP32
|
OAuth2 token-endpoint client - authorization-code + refresh (DETWS_ENABLE_OAUTH2). More...
Go to the source code of this file.
OAuth2 token-endpoint client - authorization-code + refresh (DETWS_ENABLE_OAUTH2).
The other half of the OAuth/OIDC story (services/oidc verifies the ID token; this obtains the tokens). A relying party exchanges an authorization code for tokens at the provider's token endpoint, or refreshes them, per RFC 6749 §4.1.3 / §6:
application/x-www-form-urlencoded request body (proper percent-encoding) for the authorization_code and refresh_token grants, and parse the JSON token response (reusing the library's zero-heap JSON reader) into ::DetwsOAuth2Tokens.Supports a confidential client (client_secret) or a public client with PKCE (code_verifier, RFC 7636) - pass whichever applies, nullptr for the other. No heap, no stdlib.
Definition in file oauth2.h.