- @override
Returns an Authorization
from a bearer token.
This method must either return a Future
that yields an Authorization
or return null.
If this method returns null, the invoking Authorizer
will disallow further
request handling and immediately return a 401 status code. If this method returns an
Authorization
, it will be set as the Request.authorization
and request handling
will continue to the Authorizer.nextController
.
scopesRequired
is the list of scopes established when the Authorizer
is created. Implementors of this method must verify the bearer token has access to scopesRequired
.
If scopesRequired
is null, an implementor may make its own determination about whether
the token results in an Authorization
. By default, AuthServer
- the primary implementor of this type -
will allow access, assuming that 'null scope' means 'any scope'.
Source
@override Future<Authorization> fromBearerToken( String bearerToken, {List<AuthScope> scopesRequired}) { return verify(bearerToken, scopesRequired: scopesRequired); }