Skip to main content

Class: BearerAuthScheme

@divine/uri.BearerAuthScheme

The bearer AuthScheme provides support for OAuth 2.0 Bearer Tokens.

Hierarchy

Constructors

constructor

new BearerAuthScheme(scheme?)

Parameters

NameTypeDefault value
schemestring'Bearer'

Overrides

AuthScheme.constructor

Defined in

uri/src/auth-schemes/bearer.ts:22

Properties

proxy

proxy: boolean

Specifies wheter or not this scheme provides proxy auhentication. Usually false.

Inherited from

AuthScheme.proxy

Defined in

uri/src/auth-schemes.ts:141


realm

Optional realm: string

The realm or domain this instance is handling.

Inherited from

AuthScheme.realm

Defined in

uri/src/auth-schemes.ts:138


scheme

scheme: string

The canonical name of the scheme this instance handles.

Inherited from

AuthScheme.scheme

Defined in

uri/src/auth-schemes.ts:149

Methods

_assertCompatibleAuthHeader

Protected _assertCompatibleAuthHeader<H>(header): H

Asserts that an authentication header is compatible with this AuthScheme.

Throws

AuthSchemeError If the header is incompatible with this AuthScheme.

Type parameters

NameType
Hextends undefined | AuthHeader

Parameters

NameTypeDescription
headerHThe header to check, or undefined to do nothing.

Returns

H

The provided header.

Inherited from

AuthScheme._assertCompatibleAuthHeader

Defined in

uri/src/auth-schemes.ts:296


_assertCompatibleCredentials

Protected _assertCompatibleCredentials<C>(credentials): C

Asserts that some credentials are compatible with this AuthScheme.

Throws

AuthSchemeError If the credentials are incompatible with this AuthScheme.

Type parameters

NameTypeDescription
Cextends undefined | CredentialsThe type of credentials that the scheme uses.

Parameters

NameTypeDescription
credentialsCThe credentials to check, or undefined to do nothing.

Returns

C

The provided credentials.

Inherited from

AuthScheme._assertCompatibleCredentials

Defined in

uri/src/auth-schemes.ts:313


_createChallenge

Protected _createChallenge(authorization?): Promise<WWWAuthenticate>

Creates a new challenge for the client.

Parameters

NameTypeDescription
authorization?AuthorizationThe authentication the client provided.

Returns

Promise<WWWAuthenticate>

A new challenge.

Inherited from

AuthScheme._createChallenge

Defined in

uri/src/auth-schemes.ts:241


_getCredentials

Protected _getCredentials(options): Promise<undefined | Credentials>

Asks the credentials provider for credentials.

Throws

AuthSchemeError If the authentication, challenge or the credentials provided via setCredentialsProvider are incompatibe with this AuthScheme.

Parameters

NameTypeDescription
optionsCredentialsProviderOptions<Credentials>Options to pass to the credentials provider.

Returns

Promise<undefined | Credentials>

Valid credentials or undefined if no credentials could be provided.

Inherited from

AuthScheme._getCredentials

Defined in

uri/src/auth-schemes.ts:255


_isCompatibleCredentials

Protected _isCompatibleCredentials(credentials): boolean

Checks if the provided credentials are compatible with this AuthScheme.

Throws

AuthSchemeError If the credentials provided are incompatibe with this AuthScheme.

Parameters

NameTypeDescription
credentialsCredentialsThe credentials to check for compatibility.

Returns

boolean

true if the provided credentials are usable by this AuthScheme.

Overrides

AuthScheme._isCompatibleCredentials

Defined in

uri/src/auth-schemes/bearer.ts:53


createAuthorization

createAuthorization(challenge?, request?, _payload?): Promise<undefined | Authorization>

Generates an Authorization header for an outgoing request.

Throws

AuthSchemeError If the challenge or the credentials provided via setCredentialsProvider are incompatibe with this AuthScheme.

Parameters

NameTypeDescription
challenge?WWWAuthenticateAn optional challenge sent by the remote server.
request?AuthSchemeRequestThe request that is to be authenticated.
_payload?Uint8ArrayThe request payload that will be sent.

Returns

Promise<undefined | Authorization>

An Authorization header with the provided credentials.

Overrides

AuthScheme.createAuthorization

Defined in

uri/src/auth-schemes/bearer.ts:26


setCredentialsProvider

setCredentialsProvider(cp?): BearerAuthScheme

Attaches a CredentialsProvider for retrieving or verifying credentials.

Parameters

NameTypeDescription
cp?Credentials | CredentialsProvider<Credentials>The CredentialsProvider to register.

Returns

BearerAuthScheme

This AuthScheme.

Inherited from

AuthScheme.setCredentialsProvider

Defined in

uri/src/auth-schemes.ts:181


setProxyMode

setProxyMode(proxy): BearerAuthScheme

Sets the proxy mode.

Parameters

NameTypeDescription
proxybooleantrue if proxy mode, else false.

Returns

BearerAuthScheme

This AuthScheme.

Inherited from

AuthScheme.setProxyMode

Defined in

uri/src/auth-schemes.ts:159


setRealm

setRealm(realm): BearerAuthScheme

Sets the realm/domain.

Parameters

NameTypeDescription
realmstringThe realm this instance handles.

Returns

BearerAuthScheme

This AuthScheme.

Inherited from

AuthScheme.setRealm

Defined in

uri/src/auth-schemes.ts:170


verifyAuthenticationInfo

verifyAuthenticationInfo<T>(authentication, _request?, _payload?): Promise<T>

Verifies an AuthenticationInfo or ServerAuthorization header received from a server response.

Not all protocols supports verification of responses. In that case, this method does nothing.

Throws

AuthSchemeError If the authentication or the credentials provided via setCredentialsProvider are incompatibe with this AuthScheme.

Type parameters

NameTypeDescription
Textends undefined | AuthenticationInfo | ServerAuthorizationThe type of the header to validate.

Parameters

NameTypeDescription
authenticationTThe authentication provided by the remote server.
_request?AuthSchemeRequestThe response to a request that is to be authenticated.
_payload?Uint8ArrayThe response payload received from the remote server.

Returns

Promise<T>

The validated AuthenticationInfo/ServerAuthorization header.

Overrides

AuthScheme.verifyAuthenticationInfo

Defined in

uri/src/auth-schemes/bearer.ts:49


verifyAuthorization

verifyAuthorization<T>(authorization, request?, _payload?): Promise<T>

Verifies an Authorization header from an incoming request.

Throws

AuthSchemeError If the authentication or the credentials provided via setCredentialsProvider are incompatibe with this AuthScheme.

Type parameters

NameTypeDescription
Textends undefined | AuthorizationThe type of the header to validate.

Parameters

NameTypeDescription
authorizationTThe authentication provided by the remote client.
request?AuthSchemeRequestThe request that is to be authenticated.
_payload?Uint8ArrayThe request payload that was sent.

Returns

Promise<T>

The validated Authorization header.

Overrides

AuthScheme.verifyAuthorization

Defined in

uri/src/auth-schemes/bearer.ts:33


create

Static create(from, proxy?): AuthScheme<Credentials>

Creates an authentication scheme class from an authentication header or authentication name.

If the authentication scheme is unknown, an instance of UnknownAuthScheme will be returned.

Parameters

NameTypeDescription
fromstring | RegExp | AuthHeaderThe type of authentication scheme to create.
proxy?booleanSet to true to force proxy mode. Defaults to AuthHeader.isProxyHeader or false.

Returns

AuthScheme<Credentials>

An AuthScheme instance that provides authentication for the requested scheme.

Inherited from

AuthScheme.create

Defined in

uri/src/auth-schemes.ts:117


register

Static register<C>(scheme, authScheme): typeof AuthScheme

Registers a new authentication scheme. All subclasses must register their authentication type support with this method.

Type parameters

NameTypeDescription
Cextends CredentialsThe type of credentials this authentication scheme uses.

Parameters

NameTypeDescription
schemestringThe name of the authentication scheme to be registered.
authSchemeConstructor<AuthScheme<C>>The AuthScheme subclass to register.

Returns

typeof AuthScheme

The AuthScheme base class (for method chaining).

Inherited from

AuthScheme.register

Defined in

uri/src/auth-schemes.ts:103


safeCompare

Static safeCompare(untrusted, trusted): boolean

Utility method to compare two secrets in a time-constant manner.

Parameters

NameTypeDescription
untrustedstring | number[]The untrusted secret that should be verified.
trustedstring | number[]The trusted secret that the untrusted secret should be compared against.

Returns

boolean

true if the secrets are equal, else false.

Inherited from

AuthScheme.safeCompare

Defined in

uri/src/auth-schemes.ts:269