TAuthState Class

Holds the state generated at the start of an authorization flow.

Remarks

An instance is created by TOidcClient.StartAuthorize and must be kept available until TOidcClient.FinishAuthorize is called. It carries the authorization URL to redirect the user to, the PKCE verifier/challenge pair, the nonce, and any application-defined state that should survive the redirect round-trip. The object is also persisted via the internal storage so that the callback handler can look it up by the state parameter returned by the provider.
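The lifecycle described above, sketched in Python as an added illustration; it is not TMS Sphinx code and does not call the library. Field names mirror the TAuthState properties. The in-memory store, the 600-second lifetime, the single-use lookup and the nonce comparison against the ID token are assumptions of this example, and the S256 derivation is the one defined in RFC 7636.

```python
import base64, hashlib, hmac, secrets, time
from dataclasses import dataclass

MAX_AGE_SECONDS = 600  # assumption: a pending flow is honoured for 10 minutes

def s256_challenge(verifier: str) -> str:
    """PKCE S256 (RFC 7636): BASE64URL(SHA256(ASCII(verifier))), no padding."""
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")

@dataclass
class AuthState:  # mirrors State, Nonce, CodeVerifier, CodeChallenge, AppState, CreatedOn
    state: str
    nonce: str
    code_verifier: str
    code_challenge: str
    app_state: str
    created_on: float

class AuthStateStore:
    """Hypothetical in-memory stand-in for the internal storage keyed by state."""
    def __init__(self):
        self._pending = {}

    def start(self, app_state: str = "", now: float = None) -> AuthState:
        verifier = secrets.token_urlsafe(32)  # 43 chars, inside RFC 7636's 43..128
        st = AuthState(state=secrets.token_urlsafe(16), nonce=secrets.token_urlsafe(16),
                       code_verifier=verifier, code_challenge=s256_challenge(verifier),
                       app_state=app_state,
                       created_on=time.time() if now is None else now)
        self._pending[st.state] = st
        return st

    def finish(self, returned_state: str, id_token_nonce: str, now: float = None) -> AuthState:
        # pop() makes the entry single-use, so a replayed callback finds nothing.
        st = self._pending.pop(returned_state, None)
        if st is None:
            raise ValueError("unknown or already used state")
        now = time.time() if now is None else now
        if now - st.created_on > MAX_AGE_SECONDS:
            raise ValueError("authorization flow expired")
        if not hmac.compare_digest(st.nonce, id_token_nonce):
            raise ValueError("nonce mismatch")
        return st  # the caller sends st.code_verifier with the token request
```

Only the challenge travels in the authorization URL; the verifier stays with the stored state until the code is exchanged.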

Syntax

Unit: Sphinx.OidcClient.AuthState

TAuthState = class(TObject);

Properties

| Name | Description |
|---|---|
| AppState | Gets or sets the application-defined state string preserved through the redirect round-trip. |
| AuthorizeUrl | Gets or sets the full authorization URL to redirect the user to. |
| ClientId | Gets or sets the client identifier used in the authorization request. |
| CodeChallenge | Gets or sets the PKCE code challenge derived from CodeVerifier. |
| CodeVerifier | Gets or sets the PKCE code verifier generated for this flow. |
| CreatedOn | Gets or sets the date and time when this state object was created. |
| Nonce | Gets or sets the nonce value included in the authorization request for replay protection. |
| RedirectUri | Gets or sets the redirect URI included in the authorization request. |
| ResponseMode | Gets or sets the response mode requested from the provider (e.g. query or fragment). |
| Scope | Gets or sets the scope string included in the authorization request. |
| State | Gets or sets the opaque state value sent to the provider and echoed back in the callback. |