Infrastructure | medium complexity | backend
Dependencies: 2 | Dependents: 2 | Entities: 1 | Integrations: 0

Description

Next.js API route infrastructure that receives OAuth authorization code callbacks from BankID and Vipps after the user completes authentication in the in-app browser. Routes the callback to the appropriate integration service, handles CSRF state validation, and returns a platform JWT to the mobile client via the custom URL scheme redirect.

Feature: BankID & Vipps Authentication

oauth-callback-handler

Responsibilities

  • Expose secure callback endpoints for BankID and Vipps OAuth redirects
  • Validate CSRF state parameter to prevent authorization code injection
  • Route callback to the correct integration service based on provider
  • Return platform JWT to the mobile client via redirect to custom URL scheme
  • Log authentication events for audit and compliance

Interfaces

handleBankIdCallback(code, state, error)
handleVippsCallback(code, state, error)
validateStateParameter(state, expectedState)
buildMobileRedirectUrl(scheme, token, error)
logAuthEvent(provider, userId, outcome)
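
A sketch of the state check and the mobile redirect from the interface list above, added here as an example and not the component's own code. The function bodies, the checkCallback helper, the exampleapp scheme, the auth/callback path and the error codes are assumptions; the expected state is assumed to come from the user's session.

```javascript
// Added example: everything except the two interface names is hypothetical.
const ALLOWED_SCHEMES = new Set(["exampleapp"]); // assumed app scheme (constructed)
const ERROR_CODES = new Set(["invalid_state", "provider_error", "missing_code"]);

// Compare the returned state with the value stored for this session.
// Next.js parses a repeated query parameter into an array, so anything that
// is not a single non-empty string is rejected outright.
function validateStateParameter(state, expectedState) {
  if (typeof state !== "string" || typeof expectedState !== "string") return false;
  if (state.length === 0 || state.length !== expectedState.length) return false;
  let diff = 0; // XOR-accumulate so timing does not depend on the first mismatch
  for (let i = 0; i < state.length; i++) {
    diff |= state.charCodeAt(i) ^ expectedState.charCodeAt(i);
  }
  return diff === 0;
}

// Build the redirect back to the app. Only allowlisted schemes are accepted,
// and the URL carries either a token or a fixed error code, never both.
function buildMobileRedirectUrl(scheme, token, error) {
  if (!ALLOWED_SCHEMES.has(scheme)) throw new Error("scheme not allowed");
  const url = new URL(`${scheme}://auth/callback`);
  if (error) {
    // Provider-supplied text is never echoed; unknown values collapse to one code.
    url.searchParams.set("error", ERROR_CODES.has(error) ? error : "auth_failed");
  } else if (typeof token === "string" && token.length > 0) {
    url.searchParams.set("token", token);
  } else {
    url.searchParams.set("error", "auth_failed");
  }
  return url.href;
}

// Decide what to do with a callback before the code is handed to the
// BankID or Vipps integration service. Returns { ok: true, code } or
// { ok: false, error } where error is one of the fixed codes above.
function checkCallback(query, expectedState) {
  // State is checked first, so an unsolicited callback is rejected
  // whatever else it carries.
  if (!validateStateParameter(query.state, expectedState)) {
    return { ok: false, error: "invalid_state" };
  }
  if (query.error) return { ok: false, error: "provider_error" };
  if (typeof query.code !== "string" || query.code.length === 0) {
    return { ok: false, error: "missing_code" };
  }
  return { ok: true, code: query.code };
}
```

In a Node.js runtime, crypto.timingSafeEqual over two equal-length buffers can replace the XOR loop.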

Relationships

Dependencies (2)

Components this component depends on

Dependents (2)

Components that depend on this component

Related Data Entities (1)

Data entities managed by this component