ServiceProvider constructor

ServiceProvider(
  1. String issuer,
  2. String audience,
  3. String secret, {
  4. String? redirectUrl,
  5. String? name,
  6. Duration? allowedClockSkew,
})

Constructor.

The issuer is a string that identifies the expected issuer of the authentication tokens. Use "https://rapid.aaf.edu.au" for the production AAF Rapid Connect service and "https://rapid.test.aaf.edu.au" for the AAF's test service.

The audience is a string that identifies the Service Provider (i.e. the Web application using AAF Rapid Connect to perform authentication). Note: the audience is not necessarily the same as the callback URL.

The secret is the shared secret between AAF Rapid Connect and the Service Provider using it.

The optional redirectUrl is where the Web browser should be redirected to, to authenticate the login. This value is not used by this implementation (since processing of the authentication token happens after the redirection has occurred), but is included as a member since this is a convenient place to record the value.

The optional name is where the name of the Service Provider can be recorded. It is not used by this implementation.

The audience, shared secret and name are values provided to AAF when the Service Provider was registered. The redirect URL is the value that was issued by AAF when the service was successfully registered.

The allowedClockSkew is a duration to allow for differences between the clocks. If not provided, a duration of zero is used (i.e. no allowance is made). Providing a sensible value is highly recommended, otherwise any clock skew could invalidate tokens.

Implementation

ServiceProvider(this.issuer, this.audience, this.secret,
    {this.redirectUrl, this.name, Duration? allowedClockSkew})
    : allowedClockSkew = allowedClockSkew ?? Duration.zero;