pub async fn access_token_with_authorization_code(
http_service: &BoxCloneSyncService<Request<Bytes>, Response<Bytes>, Box<dyn Error + Send + Sync>>,
client_credentials: ClientCredentials,
token_endpoint: &Url,
code: String,
validation_data: AuthorizationValidationData,
id_token_verification_data: Option<JwtVerificationData<'_>>,
now: DateTime<Utc>,
rng: &mut impl Rng,
) -> Result<(AccessTokenResponse, Option<Jwt<'static, HashMap<String, Value>>>), TokenAuthorizationCodeError>
experimental-oidc
only.Expand description
Exchange an authorization code for an access token.
This should be used as the first step for logging in, and to request a token with a new scope.
§Arguments
-
http_service
- The service to use for making HTTP requests. -
client_credentials
- The credentials obtained when registering the client. -
token_endpoint
- The URL of the issuer’s Token endpoint. -
code
- The authorization code returned at the Authorization endpoint. -
validation_data
- The validation data that was returned when building the Authorization URL, for the state returned at the Authorization endpoint. -
id_token_verification_data
- The data required to verify the ID Token in the response.The signing algorithm corresponds to the
id_token_signed_response_alg
field in the client metadata.If it is not provided, the ID Token won’t be verified. Note that in the OpenID Connect specification, this verification is required.
-
now
- The current time. -
rng
- A random number generator.
§Errors
Returns an error if the request fails, the response is invalid or the verification of the ID Token fails.