Class: OauthTokenMiddleware
oauth-server/oauth-token.middleware.OauthTokenMiddleware
Implements
NestMiddleware
Constructors
constructor
• new OauthTokenMiddleware(tokenService, authClientService, tokenResponseCodeMiddleware, strategiesMiddleware, postCredentialsMiddleware)
Parameters
| Name | Type |
|---|---|
tokenService | TokenService |
authClientService | AuthClientService |
tokenResponseCodeMiddleware | TokenAuthorizationCodeMiddleware |
strategiesMiddleware | StrategiesMiddleware |
postCredentialsMiddleware | PostCredentialsMiddleware |
Defined in
login-service/src/oauth-server/oauth-token.middleware.ts:19
Properties
authClientService
• Private Readonly authClientService: AuthClientService
Defined in
login-service/src/oauth-server/oauth-token.middleware.ts:21
logger
• Private Readonly logger: Logger
Defined in
login-service/src/oauth-server/oauth-token.middleware.ts:17
postCredentialsMiddleware
• Private Readonly postCredentialsMiddleware: PostCredentialsMiddleware
Defined in
login-service/src/oauth-server/oauth-token.middleware.ts:24
strategiesMiddleware
• Private Readonly strategiesMiddleware: StrategiesMiddleware
Defined in
login-service/src/oauth-server/oauth-token.middleware.ts:23
tokenResponseCodeMiddleware
• Private Readonly tokenResponseCodeMiddleware: TokenAuthorizationCodeMiddleware
Defined in
login-service/src/oauth-server/oauth-token.middleware.ts:22
tokenService
• Private Readonly tokenService: TokenService
Defined in
login-service/src/oauth-server/oauth-token.middleware.ts:20
Methods
checkGivenClientSecretValidOrNotRequired
▸ Private checkGivenClientSecretValidOrNotRequired(client, givenSecret?): Promise<boolean>
Parameters
| Name | Type |
|---|---|
client | AuthClient |
givenSecret? | string |
Returns
Promise<boolean>
Defined in
login-service/src/oauth-server/oauth-token.middleware.ts:27
getCallingClient
▸ Private getCallingClient(req, findAnyWithoutSecret?): Promise<AuthClient>
Performs the OAuth client authentication by checking the given client_id and client_secret in the Authorization header and in the body (both allowed according to OAuth spec).
Flag can be set to return any client without secrets if desired to allow logins without client
Parameters
| Name | Type | Default value | Description |
|---|---|---|---|
req | Request<ParamsDictionary, any, any, ParsedQs, Record<string, any>> | undefined | The request object |
findAnyWithoutSecret | boolean | false | Set to true to find any client that has no secret => allowing for login without a known client |
Returns
Promise<AuthClient>
The auth client that requested (or any without secret if flag ist set)
or null if credentials invalid or none given
Defined in
login-service/src/oauth-server/oauth-token.middleware.ts:55
use
▸ use(req, res, next): Promise<void>
Parameters
| Name | Type |
|---|---|
req | Request<ParamsDictionary, any, any, ParsedQs, Record<string, any>> |
res | Response<any, Record<string, any>> |
next | () => void |
Returns
Promise<void>
Implementation of
NestMiddleware.use
Defined in
login-service/src/oauth-server/oauth-token.middleware.ts:105