Description

The methods in the BackchannelAuthenticationCallbackEndpoint should be mostly protected to allow easier or more extensive overriding of the class.
Additionaly add methods before and after approving the device code, for additional actions or more validation.
The default behaviour should not be changed, if no overriding is necessary.

Discussion

No response

Motivation

We needed a greatly enhanced BackchannelAuthenticationCallbackEndpoint to do some additional validation, which was not possible with the current implementation.
The described features would be easily enough for this.

Details

No response