AuthorizationServer<Client, User> class
abstract
An OAuth2 authorization server, which issues access tokens to third parties.
Constructors
- AuthorizationServer()
-
const
Properties
-
extensionGrants
→ Map<
String, ExtensionGrant> -
A Map of custom authorization token grants. Use this to handle custom grant types, perhaps even your own.
no setter
- hashCode → int
-
The hash code for this object.
no setterinherited
- runtimeType → Type
-
A representation of the runtime type of the object.
no setterinherited
Methods
- A request handler that invokes the correct logic, depending on which type of grant the client is requesting.
-
clientCredentialsGrant(
Client? client, RequestContext req, ResponseContext res) → FutureOr< AuthorizationTokenResponse> - Performs a client credentials grant. Only use this in situations where the client is 100% trusted.
-
completeImplicitGrant(
AuthorizationTokenResponse token, Uri redirectUri, {String? state}) → Uri - Returns the Uri that a client can be redirected to in the case of an implicit grant.
-
exchangeAuthorizationCodeForToken(
Client? client, String? authCode, String? redirectUri, RequestContext req, ResponseContext res) → FutureOr< AuthorizationTokenResponse> - Exchanges an authorization code for an authorization token.
-
exchangeDeviceCodeForToken(
Client client, String? deviceCode, String state, RequestContext req, ResponseContext res) → FutureOr< AuthorizationTokenResponse> - Produces an authorization token from a given device code.
-
findClient(
String? clientId) → FutureOr< Client> ? -
Finds the
Client
application associated with the givenclientId
. -
getPkceCodeVerifier(
RequestContext req, {bool body = true, String? state, Uri? uri}) → Future< String> -
Retrieves the PKCE
code_verifier
parameter from aRequestContext
, or throws. -
noSuchMethod(
Invocation invocation) → dynamic -
Invoked when a nonexistent method or property is accessed.
inherited
-
refreshAuthorizationToken(
Client? client, String? refreshToken, Iterable< String> scopes, RequestContext req, ResponseContext res) → FutureOr<AuthorizationTokenResponse> - Refresh an authorization token.
-
requestAuthorizationCode(
Client client, String? redirectUri, Iterable< String> scopes, String state, RequestContext req, ResponseContext res, bool implicit) → FutureOr<void> -
Prompt the currently logged-in user to grant or deny access to the
client
. -
requestDeviceCode(
Client client, Iterable< String> scopes, RequestContext req, ResponseContext res) → FutureOr<DeviceCodeResponse> - Performs a device code grant.
-
resourceOwnerPasswordCredentialsGrant(
Client? client, String? username, String? password, Iterable< String> scopes, RequestContext req, ResponseContext res) → FutureOr<AuthorizationTokenResponse> -
Issue an authorization token to a user after authenticating them via
username
andpassword
. -
tokenEndpoint(
RequestContext req, ResponseContext res) → Future - A request handler that either exchanges authorization codes for authorization tokens, or refreshes authorization tokens.
-
toString(
) → String -
A string representation of this object.
inherited
-
verifyClient(
Client client, String? clientSecret) → FutureOr< bool> -
Verify that a
client
is the one identified by theclientSecret
.
Operators
-
operator ==(
Object other) → bool -
The equality operator.
inherited