Authorizer class

A Controller that validates the Authorization header of a request.

An instance of this type will validate that the authorization information in an Authorization header is sufficient to access the next controller in the channel.

For each request, this controller parses the authorization header, validates it with an AuthValidator and then create an Authorization object if successful. The Request keeps a reference to this Authorization and is then sent to the next controller in the channel.

If either parsing or validation fails, a 401 Unauthorized response is sent and the Request is removed from the channel.

Parsing occurs according to parser. The resulting value (e.g., username and password) is sent to validator. validator verifies this value (e.g., lookup a user in the database and verify their password matches).

Usage:

    router
      .route("/protected-route")
      .link(() =>new Authorizer.bearer(authServer))
      .link(() => new ProtectedResourceController());

Inheritance

• Object
• Controller
• Authorizer

Constructors

Authorizer(AuthValidator validator, {AuthorizationParser parser = const AuthorizationBearerParser(), List<String>? scopes})

Creates an instance of Authorizer.

Authorizer.basic(AuthValidator validator)

Creates an instance of Authorizer with Basic Authentication parsing.

Authorizer.bearer(AuthValidator validator, {List<String>? scopes})

Creates an instance of Authorizer with Bearer token parsing.

Properties

hashCode → int

The hash code for this object.

no setter, inherited

logger → Logger

An instance of the 'liquidart' logger.

no setter, inherited

nextController → Controller?

Receives requests that this controller does not respond to.

no setter, inherited

parser → AuthorizationParser

Parses the Authorization header.

final

policy ↔ CORSPolicy?

The CORS policy of this controller.

getter/setter pair, inherited

runtimeType → Type

A representation of the runtime type of the object.

no setter, inherited

scopes → List<AuthScope>?

The list of required scopes.

final

validator → AuthValidator

The validating authorization object.

final

Methods

applyCORSHeadersIfNecessary(Request req, Response resp) → void

inherited

didAddToChannel() → void

Lifecycle callback, invoked after added to channel, but before any requests are served.

inherited

documentComponents(APIDocumentContext context) → void

Tells this object to add its components to context.

override

documentOperations(APIDocumentContext context, String route, APIPath path) → Map<String, APIOperation>

Tells this object to return all APIOperations it handles.

override

documentPaths(APIDocumentContext context) → Map<String, APIPath>

Tells this object to return all APIPaths it handles.

inherited

handle(Request request) → FutureOr<RequestOrResponse>

The primary request handling method of this object.

override

handleError(Request request, dynamic caughtValue, StackTrace trace) → Future

Sends an HTTP response for a request that yields an exception or error.

inherited

link(Controller instantiator()) → Linkable

Links a controller to the receiver to form a request channel.

inherited

linkFunction(FutureOr<RequestOrResponse?> handle(Request request)) → Linkable

Links a function controller to the receiver to form a request channel.

inherited

noSuchMethod(Invocation invocation) → dynamic

Invoked when a nonexistent method or property is accessed.

inherited

receive(Request req) → Future

Delivers req to this instance to be processed.

inherited

toString() → String

A string representation of this object.

inherited

willSendResponse(Response response) → void

Executed prior to Response being sent.

inherited

Operators

operator ==(Object other) → bool

The equality operator.

inherited