Class: AuthClientController
api-login/auth/auth-clients.controller.AuthClientController
Controller for all queries related to auth clients and their client secrets
All requests require authentication and admin access.
Route prefix: client
Constructors
constructor
• new AuthClientController(authClientService, loginUserService)
Parameters
| Name | Type |
|---|---|
authClientService | AuthClientService |
loginUserService | LoginUserService |
Defined in
gropius-login-service/backend/src/api-login/auth/auth-clients.controller.ts:36
Properties
authClientService
• Private Readonly authClientService: AuthClientService
Defined in
gropius-login-service/backend/src/api-login/auth/auth-clients.controller.ts:37
loginUserService
• Private Readonly loginUserService: LoginUserService
Defined in
gropius-login-service/backend/src/api-login/auth/auth-clients.controller.ts:38
Methods
createClientSecret
▸ createClientSecret(id): Promise<CreateAuthClientSecretResponse>
Generates a new client secret for the specified auth client.
NOTE: The returned value includes the secret text that is the actual secret. It can NOT be retrieved later on. The censored version and fingerprint will be returned too for reference.
Parameters
| Name | Type | Description |
|---|---|---|
id | string | The uuid string of an existing auth client to create the secret for |
Returns
Promise<CreateAuthClientSecretResponse>
The generated client secret
Defined in
gropius-login-service/backend/src/api-login/auth/auth-clients.controller.ts:329
createNewAuthClient
▸ createNewAuthClient(input): Promise<AuthClient>
Creates a new auth client.
Redirect urls defaults to empty list.
If no redirectURLs are specified the client will be unusable until they are updated.
If requiresSecret is true, authorization as this client won't work until a client secret is added
(see POST /login/client/:id/clientSecret).
Needs admin persmissions.
Parameters
| Name | Type | Description |
|---|---|---|
input | CreateAuthClientInput | The input data for the new auth client |
Returns
Promise<AuthClient>
The newly created auth client instance
Defined in
gropius-login-service/backend/src/api-login/auth/auth-clients.controller.ts:119
deleteAuthClient
▸ deleteAuthClient(id): Promise<DefaultReturn>
Permanently deletes an existing auth client by its id.
Parameters
| Name | Type | Description |
|---|---|---|
id | string | The uuid string of an existing auth client to delete |
Returns
Promise<DefaultReturn>
DefaultReturn
Defined in
gropius-login-service/backend/src/api-login/auth/auth-clients.controller.ts:257
deleteClientSecret
▸ deleteClientSecret(id, fingerprint): Promise<DefaultReturn>
Deletes the client secret with the given fingerprint from the autch client with the given id
Parameters
| Name | Type | Description |
|---|---|---|
id | string | The uuid string of an existing auth client to delete |
fingerprint | string | The fingerprint returned by the clientSecrets endpoint to identify the client secret to delete |
Returns
Promise<DefaultReturn>
The default response
Defined in
gropius-login-service/backend/src/api-login/auth/auth-clients.controller.ts:375
editAuthClient
▸ editAuthClient(id, input): Promise<AuthClient>
Updates the auth client with the given ID. Only parameter given in the input will be changed.
If redirectUrls is given, it wil replace all previous URLs.
Merging (if needed) needs to be done by the client.
Parameters
| Name | Type | Description |
|---|---|---|
id | string | The uuid string of an existing auth client |
input | UpdateAuthClientInput | The input data dto |
Returns
Promise<AuthClient>
The auth client with the updated data
Defined in
gropius-login-service/backend/src/api-login/auth/auth-clients.controller.ts:188
getClientSecrets
▸ getClientSecrets(id): Promise<CensoredClientSecret[]>
Retrieves all existing client secrets of the specified auth client.
The returned secrets only contain the 5 letter prefix (censored client secret text) and the fingerprint for identification (for deleting secrets). The original secret text is NOT returned. It can only be retrieved once while creating the secret.
Parameters
| Name | Type | Description |
|---|---|---|
id | string | The uuid string of an existing auth client |
Returns
Promise<CensoredClientSecret[]>
All client secrets of the auth client (censored)
Defined in
gropius-login-service/backend/src/api-login/auth/auth-clients.controller.ts:293
getOneAuthClient
▸ getOneAuthClient(id): Promise<GetAuthClientResponse>
Gets one specific auth clients by its uuid. This will also include the list of censored client secrets (see GET /login/client/:id/clientSecret)
Needs admin permissions
Parameters
| Name | Type | Description |
|---|---|---|
id | string | The uuid string of an existing auth client to return |
Returns
Promise<GetAuthClientResponse>
The requested auth client including the censored client secrets (see GET /login/client/:id/clientSecret)
Defined in
gropius-login-service/backend/src/api-login/auth/auth-clients.controller.ts:84
listAllAuthClients
▸ listAllAuthClients(): Promise<AuthClient[]>
Gets all auth clients that exist in the system. Client secrets are not returned.
Needs admin permissions
Returns
Promise<AuthClient[]>
A list of all existing auth clients
Defined in
gropius-login-service/backend/src/api-login/auth/auth-clients.controller.ts:56