Add POST /api/v1/oauth/token supporting authorization_code and refresh_token grant types. Validates PKCE, exchanges codes for JWT access tokens with refresh token rotation. Uses the shared RefreshSession helper for the refresh grant. |
||
|---|---|---|
| .. | ||
| ldap | ||
| oauth2server | ||
| openid | ||
| auth.go | ||