AuthorizationServer<Client, User> class abstract

An OAuth2 authorization server, which issues access tokens to third parties.

Constructors

AuthorizationServer()

const

Properties

extensionGrants → Map<String, ExtensionGrant>

A Map of custom authorization token grants. Use this to handle custom grant types, perhaps even your own.

no setter

hashCode → int

The hash code for this object.

no setter, inherited

runtimeType → Type

A representation of the runtime type of the object.

no setter, inherited

Methods

authorizationEndpoint(RequestContext req, ResponseContext res) → Future<void>

A request handler that invokes the correct logic, depending on which type of grant the client is requesting.

clientCredentialsGrant(Client? client, RequestContext req, ResponseContext res) → FutureOr<AuthorizationTokenResponse>

Performs a client credentials grant. Only use this in situations where the client is 100% trusted.

completeImplicitGrant(AuthorizationTokenResponse token, Uri redirectUri, {String? state}) → Uri

Returns the Uri that a client can be redirected to in the case of an implicit grant.

exchangeAuthorizationCodeForToken(Client? client, String? authCode, String? redirectUri, RequestContext req, ResponseContext res) → FutureOr<AuthorizationTokenResponse>

Exchanges an authorization code for an authorization token.

exchangeDeviceCodeForToken(Client client, String? deviceCode, String state, RequestContext req, ResponseContext res) → FutureOr<AuthorizationTokenResponse>

Produces an authorization token from a given device code.

findClient(String? clientId) → FutureOr<Client>?

Finds the Client application associated with the given clientId.

getPkceCodeVerifier(RequestContext req, {bool body = true, String? state, Uri? uri}) → Future<String>

Retrieves the PKCE code_verifier parameter from a RequestContext, or throws.

noSuchMethod(Invocation invocation) → dynamic

Invoked when a nonexistent method or property is accessed.

inherited

refreshAuthorizationToken(Client? client, String? refreshToken, Iterable<String> scopes, RequestContext req, ResponseContext res) → FutureOr<AuthorizationTokenResponse>

Refresh an authorization token.

requestAuthorizationCode(Client client, String? redirectUri, Iterable<String> scopes, String state, RequestContext req, ResponseContext res, bool implicit) → FutureOr<void>

Prompt the currently logged-in user to grant or deny access to the client.

requestDeviceCode(Client client, Iterable<String> scopes, RequestContext req, ResponseContext res) → FutureOr<DeviceCodeResponse>

Performs a device code grant.

resourceOwnerPasswordCredentialsGrant(Client? client, String? username, String? password, Iterable<String> scopes, RequestContext req, ResponseContext res) → FutureOr<AuthorizationTokenResponse>

Issue an authorization token to a user after authenticating them via username and password.

tokenEndpoint(RequestContext req, ResponseContext res) → Future

A request handler that either exchanges authorization codes for authorization tokens, or refreshes authorization tokens.

toString() → String

A string representation of this object.

inherited

verifyClient(Client client, String? clientSecret) → FutureOr<bool>

Verify that a client is the one identified by the clientSecret.

Operators

operator ==(Object other) → bool

The equality operator.

inherited