A RequestController that will authorize further passage in a RequestController chain when a request has valid credentials.
An instance of Authorizer will validate a Request given a strategy and a validator. validator is typically the instance of AuthServer in an application.
If the Request is unauthorized (as determined by the validator), it will respond with the appropriate status code and prevent further request processing. If the Request is valid, an Authorization will be added to the Request and the request will be delivered to this instance's nextController. Usage:
router
.route("/protectedroute")
.pipe(new Authorizer.bearer(authServer))
.generate(() => new ProtectedResourceController());
- Inheritance
- Object
- RequestController
- Authorizer
Constructors
- Authorizer(AuthValidator validator, { AuthStrategy strategy: AuthStrategy.bearer, List<String> scopes })
-
Creates an instance of Authorizer.
- Authorizer.basic(AuthValidator validator)
-
Creates an instance of Authorizer using AuthStrategy.basic.
- Authorizer.bearer(AuthValidator validator, { List<String> scopes })
-
Creates an instance of Authorizer using AuthStrategy.bearer.
Properties
- scopes → List<String>
-
The list of scopes this instance requires.
read / write - strategy → AuthStrategy
-
The AuthStrategy for authorizing a request.
read / write - validator → AuthValidator
-
The validating authorization object.
read / write - documentableChild → APIDocumentable
-
@override, read-only, inherited
- hashCode → int
-
The hash code for this object.
read-only, inherited - logger → Logger
-
An instance of the 'aqueduct' logger.
read-only, inherited - nextController → RequestController
-
Receives requests that this controller does not respond to.
read-only, inherited - policy → CORSPolicy
-
The CORS policy of this controller.
read / write, inherited - runtimeType → Type
-
A representation of the runtime type of the object.
read-only, inherited
Operators
-
operator ==(
other) → bool -
The equality operator.
inherited
Methods
-
documentOperations(
PackagePathResolver resolver) → List<APIOperation> -
Returns all
APIOperation
s this object knows about. -
processRequest(
Request req) → dynamic -
Overridden by subclasses to modify or respond to an incoming request.
-
applyCORSHeadersIfNecessary(
Request req, Response resp) → void -
inherited
-
documentAPI(
PackagePathResolver resolver) → APIDocument -
Returns an entire APIDocument describing an OpenAPI specification.
inherited -
documentPaths(
PackagePathResolver resolver) → List<APIPath> -
Returns all APIPath objects this instance knows about.
inherited -
documentRequestBodyForOperation(
APIOperation operation) → APIRequestBody -
Returns all APIRequestBodys for
operation
.inherited -
documentResponsesForOperation(
APIOperation operation) → List<APIResponse> -
Returns all APIResponses for
operation
.inherited -
documentSecuritySchemes(
PackagePathResolver resolver) → Map<String, APISecurityScheme> -
Returns all APISecuritySchemes this instance knows about.
inherited -
generate(
RequestController instantiator()) → RequestController -
Sets the nextController that will receive a request after this one.
inherited -
handleError(
Request request, caughtValue, StackTrace trace) → Future<bool> -
Sends an HTTP response for a request that yields an exception or error.
inherited -
listen(
dynamic process(Request request)) → RequestController -
Sets the nextController that will receive a request after this one.
inherited -
noSuchMethod(
Invocation invocation) → dynamic -
Invoked when a non-existent method or property is accessed.
inherited -
pipe(
RequestController next) → RequestController -
Sets the nextController that will receive a request after this one.
inherited -
receive(
Request req) → Future -
Delivers
req
to this instance to be processed.inherited -
toString(
) → String -
Returns a string representation of this object.
inherited -
willSendResponse(
Response response) → void -
Executed prior to Response being sent.
inherited