Documentation for OAuth Pushed Authorization Request feature¶ ↑

The oauth_pushed_authorization_request feature implements support for the Pushed Authorization Request (PAR)

datatracker.ietf.org/doc/html/rfc9126

This feature depends on the oauth_authorize_base feature.

Auth Value Methods¶ ↑

par_route	the route for creating pushed auth requests, defaults to `par`.
oauth_require_pushed_authorization_requests	sets whether OAuth authorization requests require PAR, `false` by default.
oauth_applications_require_pushed_authorization_requests_column	the db column setting, for the respective oauth application, whether OAuth authorization requests require PAR, `false` by default.
oauth_pushed_authorization_request_expires_in	The number of seconds a pushed authorization requests is valid after creation, `90` by default.
oauth_require_pushed_authorization_request_iss_request_object	in case a “request” object is used to create a PAR, whether the “iss” claim should be verified, `true` by default.
oauth_pushed_authorization_requests_table	the db table where pushed auth requests are stored, `:oauth_pushed_requests` by default.
oauth_pushed_authorization_requests_oauth_application_id_column	the db column where the pushed auth request oauth application ID is stored, `:oauth_application_id` by default.
oauth_pushed_authorization_requests_params_column	the db column where the pushed auth request request params are stored, `:params` by default.
oauth_pushed_authorization_requests_code_column	the db column where the pushed auth request code is stored, `:code` by default.
oauth_pushed_authorization_requests_expires_in_column	the db column where the pushed auth request expiration time is stored, `:expires_in` by default.

Auth Methods¶ ↑

before_par_route

Run arbitrary code before creatinng pushed auth request.