Returns an Authorization from a bearer token.
This method must either return a Future
that yields an Authorization or return null.
If this method returns null, the invoking Authorizer will disallow further
request handling and immediately return a 401 status code. If this method returns an
Authorization, it will be set as the Request.authorization and request handling
will continue to the Authorizer.nextController.
scopesRequired
is the list of scopes established when the Authorizer
is created. Implementors of this method must verify the bearer token has access to scopesRequired
.
If scopesRequired
is null, an implementor may make its own determination about whether
the token results in an Authorization. By default, AuthServer - the primary implementor of this type -
will allow access, assuming that 'null scope' means 'any scope'.
Source
Future<Authorization> fromBearerToken( String bearerToken, {List<AuthScope> scopesRequired});