validate<T> method

  1. @override
FutureOr<Authorization> validate<T>(
  1. AuthorizationParser<T> parser,
  2. T authorizationData, {
  3. List<AuthScope>? requiredScope,
})
override

Returns an Authorization if authorizationData is valid.

This method is invoked by Authorizer to validate the Authorization header of a request. authorizationData is the parsed contents of the Authorization header, while parser is the object that parsed the header.

If this method returns null, an Authorizer will send a 401 Unauthorized response. If this method throws an AuthorizationParserException, a 400 Bad Request response is sent. If this method throws an AuthServerException, an appropriate status code is sent for the details of the exception.

If requiredScope is provided, a request's authorization must have at least that much scope to pass the Authorizer.

Implementation

@override
FutureOr<Authorization> validate<T>(
  AuthorizationParser<T> parser,
  T authorizationData, {
  List<AuthScope>? requiredScope,
}) {
  if (parser is AuthorizationBasicParser) {
    final credentials = authorizationData as AuthBasicCredentials;
    return _validateClientCredentials(credentials);
  } else if (parser is AuthorizationBearerParser) {
    return verify(authorizationData as String, scopesRequired: requiredScope);
  }

  throw ArgumentError(
    "Invalid 'parser' for 'AuthServer.validate'. Use 'AuthorizationBasicParser' or 'AuthorizationBearerHeader'.",
  );
}