[英]How do I check my authorization code in authorization code flow?
I am using ADB2C and MSAL to create an authentication function. And,Authorization code flow is used.我正在使用 ADB2C 和 MSAL 创建身份验证 function。并且,使用了授权代码流。 I know how to check the contents of the token, but I don't know how to check the contents of the authorization code.
我知道如何查看令牌的内容,但我不知道如何查看授权码的内容。 Please tell me.
请告诉我。
You can not decode the authrization code.您无法解码授权码。
When you perform the Authorization Code Grant workflow, the Code response you get back from authorization server is not intended to be decoded as a JWT token.当您执行授权代码授予工作流时,您从授权服务器返回的代码响应不会被解码为 JWT 令牌。 That code can only be exchanged for an Access Token.
该代码只能交换访问令牌。 It has no other purpose
它没有其他目的
You can refer this document for why we use auth codes to reduce the risk of an attacker.您可以参考此文档了解我们为什么使用授权码来降低攻击者的风险。
Reference: Decode JWT token received from Authorization Code参考: 解码从授权码收到的 JWT 令牌
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.