Need to handle GET and POST differently in OAuthServerProvider.authorize handler #830

@jkorach

Problem

The current OAuthServerProvider.authorize method is called for both GET and POST requests to /authorize, but I need to handle them differently:

  • GET /authorize - Should start the user login process
  • POST /authorize - Should handle the result after the user has logged in and consented

Current Situation

The authorization handler uses router.all(), so the same authorize() method gets called for both HTTP methods. I can't tell which one it is without accessing the request object through res.req.method.

Use Case

I'm building an OAuth server where users need to log in first (via SSO, SAML, etc.) before they can consent to authorization. This requires different handling for GET vs POST requests.

Current Workaround

async authorize(client: OAuthClientInformationFull, params: AuthorizationParams, res: Response) {
  const req = (res as any).req as Request;
  
  if (req.method === 'GET') {
    // Start login flow
  } else if (req.method === 'POST') {
    // Handle post-login authorization
  }
}

The existing DemoInMemoryAuthProvider example is very simple and immediately generates an authorization code without any user login flow - it's just for demonstration purposes. Real-world OAuth servers need to handle user authentication before authorization.
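
An added sketch (not part of the original issue and not the SDK's own code) of the GET/POST split described above, using the same `res.req.method` check as the workaround; it is written synchronously to keep it short. The `Req`/`Res`/`Client` interfaces, the `/login` route, the `txn` form field and the `consented` set are assumptions standing in for Express, the SDK types and the SSO/SAML login flow.

```typescript
import { randomBytes } from "node:crypto";

// Minimal stand-ins for the Express and SDK types, so the sketch runs alone.
interface Req { method: string; body?: Record<string, string> }
interface Res { req: Req; redirect(url: string): void; status(code: number): Res; send(body: string): void }
interface AuthorizationParams { redirectUri: string; state?: string; codeChallenge: string }
interface Client { client_id: string }
interface Pending { clientId: string; params: AuthorizationParams; expires: number }

const pending = new Map<string, Pending>();     // txn id -> request captured on GET
const consented = new Set<string>();            // txn ids approved by the login/consent flow (hypothetical)
const issuedCodes = new Map<string, Pending>(); // authorization code -> request it is bound to

function authorize(client: Client, params: AuthorizationParams, res: Res): void {
  const req = res.req; // the request is only reachable through the response object
  const now = Date.now();

  if (req.method === "GET") {
    // Keep the validated request server-side; the browser only carries an opaque id.
    const txn = randomBytes(16).toString("hex");
    pending.set(txn, { clientId: client.client_id, params, expires: now + 10 * 60_000 });
    res.redirect(`/login?txn=${txn}`); // hypothetical login route
    return;
  }

  if (req.method === "POST") {
    const txn = req.body?.txn ?? "";
    const saved = pending.get(txn);
    pending.delete(txn); // single use: a replayed POST finds nothing
    if (!saved || saved.expires <= now || saved.clientId !== client.client_id || !consented.delete(txn)) {
      res.status(400).send("invalid or expired authorization request");
      return;
    }
    // Issue the code against the parameters stored on GET, not those sent with the POST.
    const code = randomBytes(32).toString("hex");
    issuedCodes.set(code, saved);
    const target = new URL(saved.params.redirectUri);
    target.searchParams.set("code", code);
    if (saved.params.state) target.searchParams.set("state", saved.params.state);
    res.redirect(target.toString());
    return;
  }

  res.status(405).send("method not allowed"); // router.all() also lets other verbs through
}
```
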
