Tags: openid-connect, authorize

Can authorize endpoint return login page? OpenID Connect


Considering a solution to my earlier problem (Pushed Authorization Request lifetime in OpenID Connect), I figured that PAR could only work if the authorization endpoint provided a login page and not another endpoint. Is it correct that the authorization endpoint provides a login page? It will have to use the POST method to log the user in, and OIDC says POST should allow the same as GET. That's why I don't know what to do.


Solution

  • Without PAR, you typically make a GET request to the /authorize endpoint, and when your client application gets the authorization code back, it makes a separate POST request to the /token endpoint to retrieve the final tokens.

    I just posted a new blog post about Pushed Authorization Requests (PAR) and I hope it might clarify some things for you.

    Adding PAR does not change that much compared to the classic authorization code flow. It does not change how and where the login is displayed. PAR is only used to secure the initial authentication request, before the login page is displayed.
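To make the answer's point concrete, here is an added example (not code from the answer, the question, or any real authorization server) that plays both sides of the PAR step from RFC 9126 in one process: the client pushes the authorization parameters to the PAR endpoint over the back channel, gets a short-lived, single-use request_uri, and redirects the browser to /authorize with only client_id and request_uri. The /authorize handler resolves the pushed request and then does exactly what it did before PAR existed: it shows the login page. The issuer, client registration, secret, PKCE challenge and 60-second lifetime are constructed values for the demo.

```python
"""Added example: the PAR step in front of the authorization-code flow
(RFC 9126), with a toy authorization server (AS) and client in one process.
Constructed demo, not code from the answer or from any real AS; the issuer,
client_id, secret and redirect_uri below are made-up values."""
import secrets
import time
from urllib.parse import parse_qs, urlencode, urlparse

AS_ISSUER = "https://as.example"                       # assumed issuer
PAR_LIFETIME = 60                                      # seconds; keep it short
CLIENTS = {                                            # assumed client registration
    "s6BhdRkqt3": {"secret": "7Fjfp0ZBr1KtDRbnfVdmIw",
                   "redirect_uri": "https://client.example/cb"},
}
_pushed = {}   # AS state: request_uri -> (authz params, expiry epoch seconds)


def par_endpoint(form, client_secret):
    """AS side, POST {AS_ISSUER}/as/par (back channel, client-to-AS).
    The client authenticates as it would at /token, pushes the authorization
    parameters, and gets back a single-use request_uri plus its lifetime."""
    client = CLIENTS.get(form.get("client_id", ""))
    if client is None or not secrets.compare_digest(client["secret"], client_secret):
        return 401, {"error": "invalid_client"}
    if "request_uri" in form:                          # RFC 9126 s2.1: not allowed here
        return 400, {"error": "invalid_request"}
    for p in ("response_type", "redirect_uri", "code_challenge", "scope"):
        if not form.get(p):
            return 400, {"error": "invalid_request", "missing": p}
    if form["redirect_uri"] != client["redirect_uri"]:  # validated now, on the back channel
        return 400, {"error": "invalid_request"}
    request_uri = "urn:ietf:params:oauth:request_uri:" + secrets.token_urlsafe(24)
    _pushed[request_uri] = (dict(form), time.time() + PAR_LIFETIME)
    return 201, {"request_uri": request_uri, "expires_in": PAR_LIFETIME}


def authorize_endpoint(query, now=None):
    """AS side, GET {AS_ISSUER}/authorize?client_id=..&request_uri=.. (front
    channel, via the browser). Resolves the pushed request once, checks the
    lifetime and the client binding, then returns what the AS renders next:
    the login page for that pending authorization. Where the login UI lives
    does not change because of PAR."""
    now = time.time() if now is None else now
    entry = _pushed.pop(query.get("request_uri", ""), None)   # single use
    if entry is None:
        return {"error": "invalid_request_uri"}
    params, expiry = entry
    if now > expiry:
        return {"error": "invalid_request_uri", "reason": "expired"}
    if params["client_id"] != query.get("client_id"):
        return {"error": "invalid_request"}
    return {"page": "login", "pending": params}


def client_start_login(client_id="s6BhdRkqt3",
                       code_challenge="E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM"):
    """Client side: push the request over the back channel, then build the
    short front-channel URL the user's browser is redirected to.
    Returns (redirect_url, par_response). The client reads its own secret and
    redirect_uri from CLIENTS only because this demo keeps both sides in one file."""
    form = {
        "client_id": client_id,
        "response_type": "code",
        "redirect_uri": CLIENTS[client_id]["redirect_uri"],
        "scope": "openid profile",
        "code_challenge": code_challenge,
        "code_challenge_method": "S256",
        "state": secrets.token_urlsafe(16),
        "nonce": secrets.token_urlsafe(16),
    }
    status, body = par_endpoint(form, CLIENTS[client_id]["secret"])
    if status != 201:
        raise RuntimeError(f"PAR failed: {body}")
    url = f"{AS_ISSUER}/authorize?" + urlencode(
        {"client_id": client_id, "request_uri": body["request_uri"]})
    return url, body


def query_of(url):
    """Helper: the query string of the redirect URL as a flat dict."""
    return {k: v[0] for k, v in parse_qs(urlparse(url).query).items()}


if __name__ == "__main__":
    url, par = client_start_login()
    print("browser is sent to:", url)
    print("AS renders:", authorize_endpoint(query_of(url))["page"])
    print("second use of the same request_uri:", authorize_endpoint(query_of(url)))
```

The thing to notice is which parameters travel on which channel: scope, redirect_uri, PKCE challenge, state and nonce go to the PAR endpoint under client authentication and never appear in the browser URL, while /authorize receives only client_id and an opaque request_uri. Once that request_uri is resolved, the AS is in the same position it would be in after parsing a classic GET /authorize, so the login page (and its own POST form) is rendered exactly as before. The single-use pop and the expires_in check are what make the short lifetime from the earlier question workable: a request_uri that is replayed or used after expiry is rejected with invalid_request_uri, and the client simply pushes a fresh request.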