OAuth: Authorization Code Grant

## Description

The primary OAuth 2.1 flow for web applications with mandatory PKCE support.

## Implemented

- ✅ Full authorization code grant flow
- ✅ PKCE support (S256 and plain methods)
- ✅ Authorization code generation and storage
- ✅ One-time code usage (replay prevention)
- ✅ Redirect URI and scope validation
- ✅ Access token and refresh token issuance
- ✅ OpenID Connect ID token support

## Remaining Work

- Consent management UI (view/revoke consents)
- Prompt parameter handling (login, consent, none)
- Max_age parameter support
- ACR/AMR claims
- Claims parameter for requesting specific claims
- form_post response mode
- UI localization

## Files

- Plan: [`plans/oauth-authorization-code-grant.md`](../blob/main/plans/oauth-authorization-code-grant.md)
- Implementation: `packages/oauth/`
- Routes: `apps/app/src/routes/auth/oauth/`

## Getting Started

1. Review existing authorization code implementation
2. Add prompt parameter handling
3. Implement consent management UI

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

OAuth: Authorization Code Grant #165

Description

Implemented

Remaining Work

Files

Getting Started

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

OAuth: Authorization Code Grant #165

Description

Description

Implemented

Remaining Work

Files

Getting Started

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions