pub async fn verify_dpop_from_actix_for_token(
conn: &mut PgConnection,
req: &HttpRequest,
dpop_nonce_key: &SecretBox<String>,
) -> Result<String, DpopError>Expand description
DPoP verification for the token endpoint only. Uses a deferred replay store so that when the server returns UseDpopNonce the proof is not persisted; the client can retry with the nonce without the auth code being effectively revoked (replay rejection).