AuthorizationCodeGrant constructor
Creates a new grant.
If basicAuth is true (the default), the client credentials are sent to
the server using using HTTP Basic authentication as defined in RFC 2617.
Otherwise, they're included in the request body. Note that the latter form
is not recommended by the OAuth 2.0 spec, and should only be used if the
server doesn't support Basic authentication.
httpClient is used for all HTTP requests made by this grant, as well as
those of the Client is constructs.
onCredentialsRefreshed will be called by the constructed Client
whenever the credentials are refreshed.
codeVerifier String to be used as PKCE code verifier. If none is
provided a random codeVerifier will be generated.
The codeVerifier must meet requirements specified in RFC 7636.
The scope strings will be separated by the provided delimiter. This
defaults to " ", the OAuth2 standard, but some APIs (such as Facebook's)
use non-standard delimiters.
By default, this follows the OAuth2 spec and requires the server's
responses to be in JSON format. However, some servers return non-standard
response formats, which can be parsed using the getParameters function.
This function is passed the Content-Type header of the response as well
as its body as a UTF-8-decoded string. It should return a map in the same
format as the standard JSON response.
Implementation
AuthorizationCodeGrant(
this.identifier, this.authorizationEndpoint, this.tokenEndpoint,
{this.secret,
String? delimiter,
bool basicAuth = true,
http.Client? httpClient,
CredentialsRefreshedCallback? onCredentialsRefreshed,
Map<String, dynamic> Function(MediaType? contentType, String body)?
getParameters,
String? codeVerifier})
: _basicAuth = basicAuth,
_httpClient = httpClient ?? http.Client(),
_delimiter = delimiter ?? ' ',
_getParameters = getParameters ?? parseJsonParameters,
_onCredentialsRefreshed = onCredentialsRefreshed,
_codeVerifier = codeVerifier ?? _createCodeVerifier();