generateAPICredentialPair function

AuthClient generateAPICredentialPair(
  String clientID,
  String? secret, {
  String? redirectURI,
  int hashLength = 32,
  int hashRounds = 1000,
  Hash? hashFunction,
})

A utility function that generates a client ID and client secret pair.

secret may be null. If secret is null, the return value is a 'public' client. Otherwise, the client is 'confidential'. Public clients must not include a client secret in requests sent to the authorization server. Confidential clients must include the secret in all requests. Use public clients when the source code of the client application is visible, e.g. a JavaScript browser application.

Any client that allows the authorization code flow must include redirectURI.

Note that secret is hashed with a randomly generated salt, and therefore cannot be retrieved later. The plain-text secret must be stored securely elsewhere.

Implementation

AuthClient generateAPICredentialPair(
  String clientID,
  String? secret, {
  String? redirectURI,
  int hashLength = 32,
  int hashRounds = 1000,
  Hash? hashFunction,
}) {
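  // No secret supplied: return a public client, with nothing to hash.
  if (secret == null) {
    return AuthClient.public(clientID, redirectURI: redirectURI);
  }

  // Confidential client: hash the secret with a freshly generated salt.
  final salt = generateRandomSalt(hashLength: hashLength);
  final hashed = generatePasswordHash(
    secret,
    salt,
    hashRounds: hashRounds,
    hashLength: hashLength,
    hashFunction: hashFunction,
  );

  // Only the hash and the salt are kept; the plain-text secret is not.
  return AuthClient.withRedirectURI(clientID, hashed, salt, redirectURI);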
}
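
Because only the hash and salt are kept, a presented secret is checked by re-hashing it with the stored salt and the same hashRounds and hashLength used at registration, which the returned AuthClient does not carry. The following is an added example, not the project's own code. Assumptions: the import path, the hashedSecret and salt fields on AuthClient, the helper names verifyClientSecret and constantTimeEquals, and the sample client IDs and secret are all constructed for illustration.

```dart
// Assumption: this import exports generateAPICredentialPair,
// generatePasswordHash and AuthClient; adjust it to your package version.
import 'package:conduit_core/conduit_core.dart';

// Must be identical at registration and verification time.
const int rounds = 1000;
const int length = 32;

/// Compares two strings without stopping at the first mismatch.
bool constantTimeEquals(String a, String b) {
  if (a.length != b.length) return false;
  var diff = 0;
  for (var i = 0; i < a.length; i++) {
    diff |= a.codeUnitAt(i) ^ b.codeUnitAt(i);
  }
  return diff == 0;
}

/// Hypothetical helper: checks a presented secret against a stored client.
bool verifyClientSecret(AuthClient client, String? presented) {
  final hashed = client.hashedSecret;
  final salt = client.salt;
  if (hashed == null || salt == null) {
    // Public client: a request that carries a secret is rejected.
    return presented == null;
  }
  if (presented == null) return false;
  final candidate = generatePasswordHash(presented, salt,
      hashRounds: rounds, hashLength: length);
  return constantTimeEquals(candidate, hashed);
}

void main() {
  // Constructed sample values.
  final confidential = generateAPICredentialPair(
      'com.example.service', 'constructed-sample-secret',
      redirectURI: 'https://example.com/callback',
      hashRounds: rounds, hashLength: length);
  final public = generateAPICredentialPair('com.example.browser', null);

  print('correct: ${verifyClientSecret(confidential, 'constructed-sample-secret')}');
  print('wrong: ${verifyClientSecret(confidential, 'guess')}');
  print('missing: ${verifyClientSecret(confidential, null)}');
  print('public, none sent: ${verifyClientSecret(public, null)}');
  print('public, secret sent: ${verifyClientSecret(public, 'anything')}');
}
```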