DPoP class

Contains DPoP token and access token for authenticated API requests to Solid servers.

DPoP (Demonstration of Proof-of-Possession) is a security mechanism required by Solid servers to prove that the client making an API request is the same client to which the access token was issued. This prevents token theft and replay attacks.

Usage

Typically obtained from SolidOidcAuth.genDpopToken and used to make authenticated requests to Solid pod resources.

final dpop = solidAuth.genDpopToken('https://alice.pod.com/data/', 'GET');

// Use convenience method with additional headers
final response = await http.get(
  Uri.parse('https://alice.pod.com/data/'),
  headers: {
    ...dpop.httpHeaders(),
    'Accept': 'text/turtle',
  },
);

// Or construct headers manually
final response = await http.get(
  Uri.parse('https://alice.pod.com/data/'),
  headers: {
    'Authorization': 'DPoP ${dpop.accessToken}',
    'DPoP': dpop.dpopToken,
    'Accept': 'text/turtle',
  },
);

Constructors

DPoP({required String dpopToken, required String accessToken})

Properties

accessToken → String

The OAuth2 access token for the authenticated user.

final

dpopToken → String

The DPoP JWT token that proves possession of the access token.

final

hashCode → int

The hash code for this object.

no setter, inherited

runtimeType → Type

A representation of the runtime type of the object.

no setter, inherited

Methods

httpHeaders() → Map<String, String>

Returns HTTP headers formatted for Solid API requests.

noSuchMethod(Invocation invocation) → dynamic

Invoked when a nonexistent method or property is accessed.

inherited

toString() → String

A string representation of this object.

inherited

Operators

operator ==(Object other) → bool

The equality operator.

inherited