OAuth2Client class
Base class that implements OAuth2 authorization flows.
It currently supports the following grants:
- Authorization Code
- Client Credentials
For the Authorization Code grant, PKCE is used by default. If you need to disable it, pass the 'enablePKCE' param to false.
You can use directly this class, but normally you want to extend it and implement your own client. When instantiating the client, pass your custom uri scheme in the customUriScheme field. Normally you would use something like
Constructors
- OAuth2Client({required String authorizeUrl, required String tokenUrl, String? refreshUrl, String? revokeUrl, required String redirectUri, required String customUriScheme, CredentialsLocation credentialsLocation = CredentialsLocation.HEADER, String scopeSeparator = ' '})
- Creates a new client instance with the following parameters:
Properties
-
accessTokenRequestHeaders
← Map<
String, String> -
no getter
-
getter/setter pair
- credentialsLocation ↔ CredentialsLocation
-
getter/setter pair
- customUriScheme ↔ String
-
getter/setter pair
- hashCode → int
-
The hash code for this object.
no setterinherited
- redirectUri ↔ String
-
getter/setter pair
- refreshUrl ↔ String?
-
getter/setter pair
- revokeUrl ↔ String?
-
getter/setter pair
- runtimeType → Type
-
A representation of the runtime type of the object.
no setterinherited
- scopeSeparator ↔ String
-
getter/setter pair
- tokenUrl ↔ String
-
getter/setter pair
- webAuthClient ↔ BaseWebAuth
-
getter/setter pair
Methods
-
getAuthorizationHeader(
{required String clientId, String? clientSecret}) → Map< String, String> -
getAuthorizeUrl(
{required String clientId, String responseType = 'code', String? redirectUri, List< String> ? scopes, bool enableState = true, String? state, String? codeChallenge, Map<String, dynamic> ? customParams}) → String - Generates the url to be used for fetching the authorization code.
-
getRefreshUrlParams(
{required String refreshToken}) → Map< String, String> - Returns the parameters needed for the refresh token request
-
getTokenUrlParams(
{required String code, String? redirectUri, String? codeVerifier, Map< String, dynamic> ? customParams}) → Map<String, dynamic> - Returns the parameters needed for the authorization code request
-
getTokenWithAuthCodeFlow(
{required String clientId, List< String> ? scopes, String? clientSecret, bool enablePKCE = true, bool enableState = true, String? state, String? codeVerifier, Function? afterAuthorizationCodeCb, Map<String, dynamic> ? authCodeParams, Map<String, dynamic> ? accessTokenParams, dynamic httpClient, BaseWebAuth? webAuthClient, Map<String, dynamic> ? webAuthOpts}) → Future<AccessTokenResponse> - Requests an Access Token to the OAuth2 endpoint using the Authorization Code Flow.
-
getTokenWithClientCredentialsFlow(
{required String clientId, required String clientSecret, List< String> ? scopes, dynamic httpClient}) → Future<AccessTokenResponse> - Requests an Access Token to the OAuth2 endpoint using the Client Credentials flow.
-
getTokenWithImplicitGrantFlow(
{required String clientId, List< String> ? scopes, bool enableState = true, String? state, dynamic httpClient, BaseWebAuth? webAuthClient, Map<String, dynamic> ? webAuthOpts}) → Future<AccessTokenResponse> - Requests an Access Token to the OAuth2 endpoint using the Implicit grant flow (https://tools.ietf.org/html/rfc6749#page-31)
-
http2TokenResponse(
Response response, {List< String> ? requestedScopes}) → AccessTokenResponse -
noSuchMethod(
Invocation invocation) → dynamic -
Invoked when a nonexistent method or property is accessed.
inherited
-
refreshToken(
String refreshToken, {dynamic httpClient, required String clientId, String? clientSecret}) → Future< AccessTokenResponse> - Refreshes an Access Token issuing a refresh_token grant to the OAuth2 server.
-
requestAccessToken(
{required String code, required String clientId, String? clientSecret, String? codeVerifier, List< String> ? scopes, Map<String, dynamic> ? customParams, dynamic httpClient}) → Future<AccessTokenResponse> -
Requests and Access Token using the provided Authorization
code
. -
requestAuthorization(
{required String clientId, List< String> ? scopes, String? codeChallenge, bool enableState = true, String? state, Map<String, dynamic> ? customParams, BaseWebAuth? webAuthClient, Map<String, dynamic> ? webAuthOpts}) → Future<AuthorizationResponse> - Requests an Authorization Code to be used in the Authorization Code grant.
-
revokeAccessToken(
AccessTokenResponse tknResp, {String? clientId, String? clientSecret, dynamic httpClient}) → Future< OAuth2Response> -
Revokes the Access Token in the provided
tknResp
-
revokeRefreshToken(
AccessTokenResponse tknResp, {String? clientId, String? clientSecret, dynamic httpClient}) → Future< OAuth2Response> -
Revokes the Refresh Token in the provided
tknResp
-
revokeToken(
AccessTokenResponse tknResp, {String? clientId, String? clientSecret, dynamic httpClient}) → Future< OAuth2Response> -
Revokes both the Access and the Refresh tokens in the provided
tknResp
-
serializeScopes(
List< String> scopes) → String -
toString(
) → String -
A string representation of this object.
inherited
Operators
-
operator ==(
Object other) → bool -
The equality operator.
inherited