ApiAuthorization class

Holds all authorization configuration for an API request.

Mirrors every auth type available in Postman's Authorization tab.

Quick constructors

// Bearer token (most common)
ApiAuthorization.bearer('eyJhbGci...')

// Basic auth
ApiAuthorization.basic(user: 'admin', pass: 'secret')

// API Key in header
ApiAuthorization.apiKeyHeader(name: 'X-API-Key', value: 'abc123')

// API Key in query param
ApiAuthorization.apiKeyQuery(name: 'api_key', value: 'abc123')

// OAuth 2.0 with existing token
ApiAuthorization.oauth2Token('my-access-token')

// JWT Bearer
ApiAuthorization.jwtBearer('eyJhbGci...')

Constructors

ApiAuthorization({ApiAuthorizationType type = ApiAuthorizationType.none, String? token, String? jwtSecret, String? jwtAlgorithm, Map<String, dynamic>? jwtPayload, String? username, String? password, String? realm, String? consumerKey, String? consumerSecret, String? accessToken, String? tokenSecret, String? signatureMethod, String? oauth2AccessToken, String? oauth2HeaderPrefix, String? oauth2TokenUrl, String? oauth2ClientId, String? oauth2ClientSecret, String? oauth2Scope, String? apiKeyName, String? apiKeyValue, ApiKeyPlacement? apiKeyPlacement, String? awsAccessKey, String? awsSecretKey, String? awsRegion, String? awsService, String? hawkId, String? hawkKey, String? hawkAlgorithm, String? ntlmUsername, String? ntlmPassword, String? ntlmDomain, String? ntlmWorkstation})

Creates an ApiAuthorization with full control over every field.

const

ApiAuthorization.apiKeyHeader({required String name, required String value})

Injects the API key as the named request header.

const

ApiAuthorization.apiKeyQuery({required String name, required String value})

Appends the API key as a URL query parameter.

const

ApiAuthorization.basic({required String user, required String pass})

Sends Authorization: Basic <base64(user:pass)>.

const

ApiAuthorization.bearer(String bearerToken)

Sends Authorization: Bearer <bearerToken>.

const

ApiAuthorization.jwtBearer(String jwtToken)

Sends Authorization: Bearer <jwtToken>.

const

ApiAuthorization.oauth2Token(String accessToken, {String prefix = 'Bearer'})

Sends Authorization: <prefix> <accessToken>.

const

Properties

accessToken → String?

OAuth 1.0 access token.

final

apiKeyName → String?

The header or query-parameter name for an API key.

final

apiKeyPlacement → ApiKeyPlacement?

Whether the API key goes in a header or query param.

final

apiKeyValue → String?

The API key value.

final

awsAccessKey → String?

AWS IAM access key ID.

final

awsRegion → String?

AWS region, e.g. "us-east-1".

final

awsSecretKey → String?

AWS IAM secret access key.

final

awsService → String?

AWS service name, e.g. "execute-api".

final

consumerKey → String?

OAuth 1.0 consumer key.

final

consumerSecret → String?

OAuth 1.0 consumer secret.

final

hashCode → int

The hash code for this object.

no setter, inherited

hawkAlgorithm → String?

Hawk algorithm, e.g. "sha256".

final

hawkId → String?

Hawk auth ID.

final

hawkKey → String?

Hawk auth key.

final

jwtAlgorithm → String?

JWT signing algorithm, e.g. "HS256" or "RS256".

final

jwtPayload → Map<String, dynamic>?

Additional JWT payload claims.

final

jwtSecret → String?

JWT signing secret (informational — signing is handled externally).

final

ntlmDomain → String?

NTLM domain.

final

ntlmPassword → String?

NTLM password.

final

ntlmUsername → String?

NTLM username.

final

ntlmWorkstation → String?

NTLM workstation name.

final

oauth2AccessToken → String?

OAuth 2.0 access token sent in the Authorization header.

final

oauth2ClientId → String?

OAuth 2.0 client ID.

final

oauth2ClientSecret → String?

OAuth 2.0 client secret.

final

oauth2HeaderPrefix → String?

Prefix for the OAuth 2.0 header. Defaults to "Bearer".

final

oauth2Scope → String?

OAuth 2.0 requested scope.

final

oauth2TokenUrl → String?

OAuth 2.0 token endpoint URL (for client-credentials flows).

final

password → String?

Password for ApiAuthorizationType.basicAuth and ApiAuthorizationType.digestAuth.

final

realm → String?

Digest auth realm (used in the challenge header).

final

runtimeType → Type

A representation of the runtime type of the object.

no setter, inherited

signatureMethod → String?

OAuth 1.0 signature method: "HMAC-SHA1", "RSA-SHA1", or "PLAINTEXT".

final

token → String?

Token string for ApiAuthorizationType.bearerToken and ApiAuthorizationType.jwtBearer.

final

tokenSecret → String?

OAuth 1.0 token secret.

final

type → ApiAuthorizationType

The authorization type to use.

final

username → String?

Username for ApiAuthorizationType.basicAuth and ApiAuthorizationType.digestAuth.

final

Methods

noSuchMethod(Invocation invocation) → dynamic

Invoked when a nonexistent method or property is accessed.

inherited

toString() → String

A string representation of this object.

inherited

Operators

operator ==(Object other) → bool

The equality operator.

inherited