Authorizer class

A Controller that validates the Authorization header of a request.

An instance of this type will validate that the authorization information in an Authorization header is sufficient to access the next controller in the channel.

For each request, this controller parses the authorization header, validates it with an AuthValidator and then create an Authorization object if successful. The Request keeps a reference to this Authorization and is then sent to the next controller in the channel.

If either parsing or validation fails, a 401 Unauthorized response is sent and the Request is removed from the channel.

Parsing occurs according to parser. The resulting value (e.g., username and password) is sent to validator. validator verifies this value (e.g., lookup a user in the database and verify their password matches).

Usage:

    router
      .route("/protected-route")
      .link(() =>new Authorizer.bearer(authServer))
      .link(() => new ProtectedResourceController());
Inheritance

Constructors

Authorizer(AuthValidator? validator, {AuthorizationParser parser = const AuthorizationBearerParser(), List<String>? scopes})
Creates an instance of Authorizer.
Authorizer.basic(AuthValidator? validator)
Creates an instance of Authorizer with Basic Authentication parsing.
Authorizer.bearer(AuthValidator? validator, {List<String>? scopes})
Creates an instance of Authorizer with Bearer token parsing.

Properties

hashCode int
The hash code for this object.
no setterinherited
logger Logger
An instance of the 'conduit' logger.
no setterinherited
nextController Controller?
Receives requests that this controller does not respond to.
no setterinherited
parser AuthorizationParser
Parses the Authorization header.
final
policy CORSPolicy?
The CORS policy of this controller.
getter/setter pairinherited
runtimeType Type
A representation of the runtime type of the object.
no setterinherited
scopes List<AuthScope>?
The list of required scopes.
final
validator AuthValidator?
The validating authorization object.
final

Methods

applyCORSHeadersIfNecessary(Request req, Response resp) → void
inherited
didAddToChannel() → void
Lifecycle callback, invoked after added to channel, but before any requests are served.
inherited
documentComponents(APIDocumentContext context) → void
Tells this object to add its components to context.
override
documentOperations(APIDocumentContext context, String route, APIPath path) Map<String, APIOperation>
Tells this object to return all APIOperations it handles.
override
documentPaths(APIDocumentContext context) Map<String, APIPath>
Tells this object to return all APIPaths it handles.
inherited
handle(Request request) FutureOr<RequestOrResponse>
The primary request handling method of this object.
override
handleError(Request request, dynamic caughtValue, StackTrace trace) Future
Sends an HTTP response for a request that yields an exception or error.
inherited
Links a controller to the receiver to form a request channel.
inherited
linkFunction(FutureOr<RequestOrResponse?> handle(Request request)) Linkable?
Links a function controller to the receiver to form a request channel.
inherited
noSuchMethod(Invocation invocation) → dynamic
Invoked when a nonexistent method or property is accessed.
inherited
receive(Request req) Future?
Delivers req to this instance to be processed.
inherited
toString() String
A string representation of this object.
inherited
willSendResponse(Response response) → void
Executed prior to Response being sent.
inherited

Operators

operator ==(Object other) bool
The equality operator.
inherited