AuthProvider class abstract

Abstract interface for all Authyra authentication providers.

Implement this interface to plug a new authentication strategy into AuthyraClient. Authyra ships with several built-in providers (CredentialsProvider, OAuth2Provider, GoogleProvider, etc.) but any custom strategy can be added by implementing AuthProvider.

Design contract

• id must be a unique, lowercase slug within a single AuthyraClient.
• signIn is the only required method; signOut and refreshToken have safe default no-op implementations.
• Providers are stateless — they hold configuration, not session state. Session state lives in SessionManager.
• signIn returns AuthSignInResult (not just AuthUser) so that tokens returned by the provider are preserved and stored in the session.

Minimal example

class MyBackendProvider implements AuthProvider {
  @override
  String get id => 'my-backend';

  @override
  AuthProviderType get type => AuthProviderType.credentials;

  @override
  bool get supportsRefresh => true;

  @override
  Future<AuthSignInResult?> signIn({Map<String, dynamic>? params}) async {
    final response = await myApi.post('/auth/login', body: params);
    if (response.statusCode != 200) return null;
    return AuthSignInResult(
      user: AuthUser(id: response.data['userId']),
      accessToken: response.data['accessToken'],
      refreshToken: response.data['refreshToken'],
      expiresAt: DateTime.parse(response.data['expiresAt']),
    );
  }

  @override
  Future<AuthTokenResult?> refreshToken(String refreshToken) async {
    final res = await myApi.post('/auth/refresh',
      body: {'refreshToken': refreshToken});
    if (res.statusCode != 200) return null;
    return AuthTokenResult(
      accessToken: res.data['accessToken'],
      expiresAt: DateTime.parse(res.data['expiresAt']),
    );
  }
}

See also:

• AuthyraClient, which registers and invokes providers.
• AuthSignInResult, the rich sign-in result that carries user + tokens.
• AuthTokenResult, the token-only result for refresh operations.
• AuthSession, the session built from a successful signIn.

Implementers

• AppleProvider
• OAuth2Provider
• ProxyOAuthProvider

Constructors

AuthProvider()

Properties

hashCode → int

The hash code for this object.

no setter, inherited

id → String

Unique identifier for this provider.

no setter

name → String

Human-readable display name for this provider.

no setter

runtimeType → Type

A representation of the runtime type of the object.

no setter, inherited

supportsRefresh → bool

Whether this provider can renew an expired access token silently.

no setter

supportsSignOut → bool

Whether this provider requires a server-side call during sign-out.

no setter

type → AuthProviderType

The authentication strategy implemented by this provider.

no setter

Methods

noSuchMethod(Invocation invocation) → dynamic

Invoked when a nonexistent method or property is accessed.

inherited

refreshToken(String refreshToken) → Future<AuthTokenResult?>

Exchanges refreshToken for a fresh access token.

signIn({Map<String, dynamic>? params}) → Future<AuthSignInResult?>

Authenticates the user and returns the full result, or null on failure.

signOut({String? userId}) → Future<void>

Revokes server-side credentials for userId.

toString() → String

A string representation of this object.

inherited

Operators

operator ==(Object other) → bool

The equality operator.

inherited