A RequestController that will authorize further passage in a RequestController chain when a request has valid credentials.

An instance of Authorizer will validate a Request given a strategy and a validator. validator is typically the instance of AuthServer in an application.

If the Request is unauthorized (as determined by the validator), it will respond with the appropriate status code and prevent further request processing. If the Request is valid, an Authorization will be added to the Request and the request will be delivered to this instance's nextController. Usage:

    router
      .route("/protectedroute")
      .pipe(new Authorizer.bearer(authServer))
      .generate(() => new ProtectedResourceController());
Inheritance

Constructors

Authorizer(AuthValidator validator, { AuthStrategy strategy: AuthStrategy.bearer, List<String> scopes })

Creates an instance of Authorizer.

Authorizer.basic(AuthValidator validator)

Creates an instance of Authorizer using AuthStrategy.basic.

Authorizer.bearer(AuthValidator validator, { List<String> scopes })

Creates an instance of Authorizer using AuthStrategy.bearer.

Properties

scopes → List<String>

The list of scopes this instance requires.

read / write
strategy AuthStrategy

The AuthStrategy for authorizing a request.

read / write
validator AuthValidator

The validating authorization object.

read / write
documentableChild APIDocumentable

@override, read-only, inherited
hashCode → int

The hash code for this object.

read-only, inherited
logger Logger

read-only, inherited
nextController RequestController

read / write, inherited
policy CORSPolicy

The CORS policy of this controller.

read / write, inherited
runtimeType → Type

A representation of the runtime type of the object.

read-only, inherited

Operators

operator ==(other) → bool

The equality operator.

inherited

Methods

documentOperations(PackagePathResolver resolver) → List<APIOperation>

Returns all APIOperations this object knows about.

processRequest(Request req) → Future<RequestOrResponse>

Overridden by subclasses to modify or respond to an incoming request.

applyCORSHeadersIfNecessary(Request req, Response resp) → void

inherited
documentAPI(PackagePathResolver resolver) APIDocument

Returns an entire APIDocument describing an OpenAPI specification.

inherited
documentPaths(PackagePathResolver resolver) → List<APIPath>

Returns all APIPath objects this instance knows about.

inherited
documentRequestBodyForOperation(APIOperation operation) APIRequestBody

Returns all APIRequestBodys for operation.

inherited
documentResponsesForOperation(APIOperation operation) → List<APIResponse>

Returns all APIResponses for operation.

inherited
documentSecuritySchemes(PackagePathResolver resolver) → Map<String, APISecurityScheme>

Returns all APISecuritySchemes this instance knows about.

inherited
generate(RequestController generatorFunction()) RequestController

A function that instantiates a RequestController to pass a Request to if this instance returns a Request from processRequest.

inherited
handleError(Request request, caughtValue, StackTrace trace) → Future<bool>

Sends an HTTP response for a request that yields an exception or error.

inherited
listen(Future<RequestOrResponse> requestControllerFunction(Request request)) RequestController

A closure that responds to or forwards a Request.

inherited
noSuchMethod(Invocation invocation) → dynamic

Invoked when a non-existent method or property is accessed.

inherited
pipe(RequestController n) RequestController

The next RequestController to pass a Request to if this instance returns a Request from processRequest.

inherited
receive(Request req) → Future

The mechanism for delivering a Request to this controller for processing.

inherited
toString() → String

Returns a string representation of this object.

inherited
willSendResponse(Response response) → void

Executed prior to Response being sent.

inherited