headless_lms_server::controllers::main_frontend::oauth::consent

Function approve_consent

pub async fn approve_consent(
    pool: Data<PgPool>,
    form: Json<ConsentQuery>,
    user: AuthUser,
) -> ControllerResult<HttpResponse>

Expand description

Handles /consent approval after the user agrees to grant requested scopes.

This endpoint:

Validates the redirect URI and requested scopes against the registered client.
Records granted scopes for the user-client pair.
Redirects back to /authorize to continue the OAuth flow.

§Example

GET /api/v0/main-frontend/oauth/consent?client_id=test-client-id&redirect_uri=http://localhost&scopes=openid%20profile&state=random123&nonce=secure_nonce_abc HTTP/1.1
Cookie: session=abc123

Redirect back to /authorize:

HTTP/1.1 302 Found
Location: /api/v0/main-frontend/oauth/authorize?client_id=...

Function approve_consentCopy item path

§Example

Function approve_consent