Add Authorization Endpoint

[dfcoffin]

An authorization server should support a /authorize endpoint.

The endpoint should support the authorization code grant. It should verify the response_type, client_id, redirect_uri, scope, and state parameters and formulate an authorization response. The redirect_uri, scope, and state parameters are optional but MUST be verified if present.

The authorization code response should consist of code and state parameters. The state parameter is optional but MUST be returned if provided in the authorization request.

[paurav-munshi]

Hi Team, I would like to work on this. I have experience working on integrating applications with IDP using Authorization grant. I am new to Spring Security though. Let me know if I can work on this.

Thanks,
Paurav.

[jgrandja]

Thank you for the offer @paurav-munshi.

It's a bit too early to work on this at the moment.
Our initial focus is to implement the client_credentials grant via #19 as the initial set of issues.

The authorization_code grant is much more involved and requires quite a few components to work together.

Over the next week or so, we'll be planning the next set of tasks at which point we'll have a more clear plan on next set of tasks. I'll be sure to reach out to you when we are ready. Thanks again and please stay tuned.

[jgrandja]

@dfcoffin I couldn't find a way to convert this issue to an epic so I'll close this in favour of #36.