Vipps OAuth Service
Component Detail
Service Layer
high complexity
backend
1
Dependencies
1
Dependents
5
Entities
0
Integrations
Description
Backend service implementing the Vipps Login OAuth 2.0 / OIDC flow. Exchanges the authorization code for access and ID tokens, extracts user claims (phone number, optional personnummer) from the ID token, and performs account-linking logic to associate the Vipps identity with an existing or new Meander user account. Shares the same provider interface as the BankID OAuth Service for consistency across authentication methods.
vipps-oauth-service
Responsibilities
- Exchange authorization code for access token and ID token via Vipps Token API
- Parse and validate ID token claims including phone number and optional personnummer
- Perform account-linking: match Vipps identity to existing user or create new account
- Issue JWT session tokens upon successful authentication
- Handle token refresh and revocation with Vipps
Interfaces
exchangeCodeForTokens(authCode: string, redirectUri: string): Promise<VippsTokenResponse>
extractUserClaims(idToken: string): VippsClaims
linkVippsIdentity(claims: VippsClaims, existingUserId?: string): Promise<User>
createSession(user: User): Promise<SessionTokens>
revokeVippsToken(accessToken: string): Promise<void>
validateIdToken(idToken: string): Promise<boolean>
getVippsAuthorizationUrl(state: string, nonce: string): string
handleCallback(code: string, state: string): Promise<AuthResult>
Relationships
Related Data Entities (5)
Data entities managed by this component