bcAuthorize

Initiates a backchannel (CIBA) authorization request and stores the resulting auth_req_id and loginHint for use by getOauthAccessToken.

This is the CIBA leg of the OAuth2 bootstrap: the MTN MoMo API sends an authorization prompt to the subscriber's phone. Once the user approves on-device, the auth_req_id can be exchanged for an OAuth2 access token via getOauthAccessToken.

Uses a hardcoded io.rekast.sdk.model.BcAuthorizeRequest with loginHint = "ID:563667/MSISDN", scope = "all_info", and accessType = "offline".

On success, both CredentialStorage.saveBackChannelAuthorizationRequestId (with its expiry) and CredentialStorage.saveLoginHint are written, then getOauthAccessToken is called immediately to attempt the token exchange. If the MTN MoMo endpoint returns a non-2xx response the error is logged and isBootstrapComplete is set to true.

io.rekast.sdk.app.network.TokenAuthenticator also calls the bc-authorize endpoint directly (bypassing this method) when it detects an expired auth_req_id on a 401 response, using the login hint stored by this method.