Future<AuthToken> authenticate(String username, String password, String clientID, String clientSecret, { Duration expiration: const Duration(hours: 24), List<AuthScope> requestedScopes })

Authenticates a username and password of an Authenticatable and returns an AuthToken upon success.

This method works with this instance's storage to generate and store a new token if all credentials are correct. If any credential is not correct, it throws an AuthServerException carrying the appropriate AuthRequestError.

After expiration, this token will no longer be valid.

Source

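/// Exchanges a username/password pair, presented by a client, for a new
/// [AuthToken].
///
/// Checks run in this order, and the first failure throws:
///
/// 1. [clientID] is non-null and [clientForID] returns a client.
/// 2. [username] and [password] are non-null.
/// 3. A public client sends no secret (null or empty string); any other
///    client sends a [clientSecret] whose hash, computed with the client's
///    salt, equals the stored `hashedSecret`.
/// 4. [storage] returns an authenticatable for [username], and [password]
///    hashed with its salt equals its stored `hashedPassword`.
/// 5. If the client supports scopes, [requestedScopes] is non-empty and at
///    least one requested scope is allowed by the client. Only the allowed
///    scopes are attached to the token.
///
/// The token is generated with [expiration] converted to seconds, allows
/// refresh only for non-public clients, and is stored through [storage]
/// before it is returned.
///
/// Throws an [AuthServerException] with [AuthRequestError.invalidClient]
/// (steps 1 and 3), [AuthRequestError.invalidRequest] (step 2),
/// [AuthRequestError.invalidGrant] (step 4) or
/// [AuthRequestError.invalidScope] (step 5).
Future<AuthToken> authenticate(
    String username, String password, String clientID, String clientSecret,
    {Duration expiration: const Duration(hours: 24), List<AuthScope> requestedScopes}) async {
  // Compares two hashes without stopping at the first differing character,
  // so the time spent does not reveal how long a matching prefix was. A plain
  // `!=` on strings may return as soon as one position differs. This is
  // hardening only; the runtime gives no strict constant-time guarantee.
  // NOTE(review): assumes the stored hashes and the result of
  // AuthUtility.generatePasswordHash are Strings - confirm.
  bool hashesMatch(String stored, String computed) {
    if (stored == null || computed == null) {
      return false;
    }

    // The hash length is not secret, so rejecting on length is acceptable.
    if (stored.length != computed.length) {
      return false;
    }

    var difference = 0;
    for (var i = 0; i < stored.length; i++) {
      difference |= stored.codeUnitAt(i) ^ computed.codeUnitAt(i);
    }

    return difference == 0;
  }

  if (clientID == null) {
    throw new AuthServerException(AuthRequestError.invalidClient, null);
  }

  AuthClient client = await clientForID(clientID);
  if (client == null) {
    throw new AuthServerException(AuthRequestError.invalidClient, null);
  }

  if (username == null || password == null) {
    throw new AuthServerException(AuthRequestError.invalidRequest, client);
  }

  if (client.isPublic) {
    // A public client has no secret to prove; a request that sends one
    // anyway is rejected rather than silently accepted.
    if (!(clientSecret == null || clientSecret == "")) {
      throw new AuthServerException(AuthRequestError.invalidClient, client);
    }
  } else {
    if (clientSecret == null) {
      throw new AuthServerException(AuthRequestError.invalidClient, client);
    }

    var secretHash =
        AuthUtility.generatePasswordHash(clientSecret, client.salt);
    if (!hashesMatch(client.hashedSecret, secretHash)) {
      throw new AuthServerException(AuthRequestError.invalidClient, client);
    }
  }

  var authenticatable =
      await storage.fetchAuthenticatableByUsername(this, username);
  if (authenticatable == null) {
    // Same error as a wrong password, so the response body does not say
    // whether the username exists.
    // NOTE(review): this path returns before any password hash is computed,
    // while the wrong-password path computes one. If generatePasswordHash is
    // deliberately slow, response time may still distinguish the two cases;
    // consider hashing against a fixed salt here to equalise the cost.
    throw new AuthServerException(AuthRequestError.invalidGrant, client);
  }

  var passwordHash =
      AuthUtility.generatePasswordHash(password, authenticatable.salt);
  if (!hashesMatch(authenticatable.hashedPassword, passwordHash)) {
    throw new AuthServerException(AuthRequestError.invalidGrant, client);
  }

  // Stays null when the client does not support scopes.
  List<AuthScope> validScopes;
  if (client.supportsScopes) {
    if ((requestedScopes?.length ?? 0) == 0) {
      throw new AuthServerException(AuthRequestError.invalidScope, client);
    }

    // Grant only the requested scopes that this client is allowed to hold;
    // a request with none of them allowed is rejected.
    validScopes = requestedScopes
        .where((incomingScope) => client.allowsScope(incomingScope))
        .toList();

    if (validScopes.length == 0) {
      throw new AuthServerException(AuthRequestError.invalidScope, client);
    }
  }

  // Refresh is withheld from public clients, which cannot authenticate
  // themselves with a secret.
  AuthToken token = _generateToken(
      authenticatable.id, client.id, expiration.inSeconds,
      allowRefresh: !client.isPublic,
      scopes: validScopes);
  await storage.storeToken(this, token);

  return token;
}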