couldn't figure out how to parse the below authentication stuff which i didn't find them anywhere, i would like to use them as headers once they found.
There is a "state" token that I I can't figure out how it's being generated. I wonder if there is an OAuth 2 expert at premier who could help with figuring it out
I think this is saying that the FIRST random state variable is generated by the client and sent to the server on the URL. https://auth0.com/docs/secure/attack-protection/state-parameters
Below are the URL params for the FIRST auth request. state and nonce are the same, generated by java script in the browser. I think is can be any random string. I don't know where challenge_code comes from yet.
SSO_OAUTH2_AUTHORIZE003 <ENCODE_URICOMPONENT> :
"response_type" := "code",
"client_id" := "oc_hrpadmin",
"state" := "ZEVSTElkR2JsVWNVbHI4UGJ6aWVNaFc1MExvckcyeFVCVmppcE5PV2IydGxHsemicolon%2F",
"redirect_uri" := "">hrpadminqa.premierinc.com",
"scope" := "openid profile entityOrgCodeHRP",
"code_challenge" := "i1b3pu7oeDhROj7d1gBbZbPcUH10gTpzchiRMMm2uJY",
"code_challenge_method" := "S256",