Authorization

authReq, err := client.Authorize(ctx, grantex.AuthorizeParams{
    AgentID:     "agent-id",
    PrincipalID: "user-123",
    Scopes:      []string{"read:email", "send:email"},
})

// Generate PKCE challenge
pkce, err := grantex.GeneratePKCE()
if err != nil {
    log.Fatal(err)
}

// Include challenge in authorization request
authReq, err := client.Authorize(ctx, grantex.AuthorizeParams{
    AgentID:             "agent-id",
    PrincipalID:         "user-123",
    Scopes:              []string{"read:email"},
    CodeChallenge:       pkce.CodeChallenge,
    CodeChallengeMethod: pkce.CodeChallengeMethod,
})

// Later, include verifier when exchanging code
tokenResp, err := client.Tokens.Exchange(ctx, grantex.ExchangeTokenParams{
    Code:         "auth-code",
    AgentID:      "agent-id",
    CodeVerifier: pkce.CodeVerifier,
})