A state which gets persisted in a cookie.
Saves the state in a cookie.
The settings for the cookie state.
The settings for the cookie state.
The cookie name.
The cookie path.
The cookie domain.
Whether this cookie is secured, sent only for HTTPS requests.
Whether this cookie is HTTP only, i.e. not accessible from client-side JavaScript code.
State expiration. Defaults to 5 minutes which provides sufficient time to log in, but not too much. This is a balance between convenience and security.
A dummy state which can be used to avoid state validation.
A dummy state which can be used to avoid state validation. This can be useful if the state should be validated on client side.
Handles the dummy state.
The cookie state companion object.
The CookieStateProvider companion object.
A state which gets persisted in a cookie.
This is to prevent the client for CSRF attacks as described in the OAuth2 RFC.
The expiration time.
A value that binds the request to the user-agent's authenticated state.
https://tools.ietf.org/html/rfc6749#section-10.12