Class DemoInMemoryAuthProvider

constructor

• new DemoInMemoryAuthProvider(
      validateResource?: (resource?: URL) => boolean,
  ): DemoInMemoryAuthProvider

  Parameters

  • OptionalvalidateResource: (resource?: URL) => boolean

  Returns DemoInMemoryAuthProvider

clientsStore

authorize

• authorize(
      client: {
          client_id: string;
          client_id_issued_at?: number;
          client_name?: string;
          client_secret?: string;
          client_secret_expires_at?: number;
          client_uri?: string;
          contacts?: string[];
          grant_types?: string[];
          jwks?: any;
          jwks_uri?: string;
          logo_uri?: string;
          policy_uri?: string;
          redirect_uris: string[];
          response_types?: string[];
          scope?: string;
          software_id?: string;
          software_statement?: string;
          software_version?: string;
          token_endpoint_auth_method?: string;
          tos_uri?: string;
      },
      params: AuthorizationParams,
      res: Response,
  ): Promise<void>

  Begins the authorization flow, which can either be implemented by this server itself or via redirection to a separate authorization server.

  This server must eventually issue a redirect with an authorization response or an error response to the given redirect URI. Per OAuth 2.1:

  • In the successful case, the redirect MUST include the code and state (if present) query parameters.
  • In the error case, the redirect MUST include the error query parameter, and MAY include an optional error_description query parameter.

  Parameters

  • client: {
        client_id: string;
        client_id_issued_at?: number;
        client_name?: string;
        client_secret?: string;
        client_secret_expires_at?: number;
        client_uri?: string;
        contacts?: string[];
        grant_types?: string[];
        jwks?: any;
        jwks_uri?: string;
        logo_uri?: string;
        policy_uri?: string;
        redirect_uris: string[];
        response_types?: string[];
        scope?: string;
        software_id?: string;
        software_statement?: string;
        software_version?: string;
        token_endpoint_auth_method?: string;
        tos_uri?: string;
    }
  • params: AuthorizationParams
  • res: Response

  Returns Promise<void>

challengeForAuthorizationCode

• challengeForAuthorizationCode(
      client: {
          client_id: string;
          client_id_issued_at?: number;
          client_name?: string;
          client_secret?: string;
          client_secret_expires_at?: number;
          client_uri?: string;
          contacts?: string[];
          grant_types?: string[];
          jwks?: any;
          jwks_uri?: string;
          logo_uri?: string;
          policy_uri?: string;
          redirect_uris: string[];
          response_types?: string[];
          scope?: string;
          software_id?: string;
          software_statement?: string;
          software_version?: string;
          token_endpoint_auth_method?: string;
          tos_uri?: string;
      },
      authorizationCode: string,
  ): Promise<string>

  Returns the codeChallenge that was used when the indicated authorization began.

  Parameters

  • client: {
        client_id: string;
        client_id_issued_at?: number;
        client_name?: string;
        client_secret?: string;
        client_secret_expires_at?: number;
        client_uri?: string;
        contacts?: string[];
        grant_types?: string[];
        jwks?: any;
        jwks_uri?: string;
        logo_uri?: string;
        policy_uri?: string;
        redirect_uris: string[];
        response_types?: string[];
        scope?: string;
        software_id?: string;
        software_statement?: string;
        software_version?: string;
        token_endpoint_auth_method?: string;
        tos_uri?: string;
    }
  • authorizationCode: string

  Returns Promise<string>

exchangeAuthorizationCode

• exchangeAuthorizationCode(
      client: {
          client_id: string;
          client_id_issued_at?: number;
          client_name?: string;
          client_secret?: string;
          client_secret_expires_at?: number;
          client_uri?: string;
          contacts?: string[];
          grant_types?: string[];
          jwks?: any;
          jwks_uri?: string;
          logo_uri?: string;
          policy_uri?: string;
          redirect_uris: string[];
          response_types?: string[];
          scope?: string;
          software_id?: string;
          software_statement?: string;
          software_version?: string;
          token_endpoint_auth_method?: string;
          tos_uri?: string;
      },
      authorizationCode: string,
      _codeVerifier?: string,
  ): Promise<
      {
          access_token: string;
          expires_in?: number;
          refresh_token?: string;
          scope?: string;
          token_type: string;
      },
  >

  Exchanges an authorization code for an access token.

  Parameters

  • client: {
        client_id: string;
        client_id_issued_at?: number;
        client_name?: string;
        client_secret?: string;
        client_secret_expires_at?: number;
        client_uri?: string;
        contacts?: string[];
        grant_types?: string[];
        jwks?: any;
        jwks_uri?: string;
        logo_uri?: string;
        policy_uri?: string;
        redirect_uris: string[];
        response_types?: string[];
        scope?: string;
        software_id?: string;
        software_statement?: string;
        software_version?: string;
        token_endpoint_auth_method?: string;
        tos_uri?: string;
    }
  • authorizationCode: string
  • Optional_codeVerifier: string

  Returns Promise<
      {
          access_token: string;
          expires_in?: number;
          refresh_token?: string;
          scope?: string;
          token_type: string;
      },
  >

exchangeRefreshToken

• exchangeRefreshToken(
      _client: {
          client_id: string;
          client_id_issued_at?: number;
          client_name?: string;
          client_secret?: string;
          client_secret_expires_at?: number;
          client_uri?: string;
          contacts?: string[];
          grant_types?: string[];
          jwks?: any;
          jwks_uri?: string;
          logo_uri?: string;
          policy_uri?: string;
          redirect_uris: string[];
          response_types?: string[];
          scope?: string;
          software_id?: string;
          software_statement?: string;
          software_version?: string;
          token_endpoint_auth_method?: string;
          tos_uri?: string;
      },
      _refreshToken: string,
      _scopes?: string[],
      _resource?: URL,
  ): Promise<
      {
          access_token: string;
          expires_in?: number;
          refresh_token?: string;
          scope?: string;
          token_type: string;
      },
  >

  Exchanges a refresh token for an access token.

  Parameters

  • _client: {
        client_id: string;
        client_id_issued_at?: number;
        client_name?: string;
        client_secret?: string;
        client_secret_expires_at?: number;
        client_uri?: string;
        contacts?: string[];
        grant_types?: string[];
        jwks?: any;
        jwks_uri?: string;
        logo_uri?: string;
        policy_uri?: string;
        redirect_uris: string[];
        response_types?: string[];
        scope?: string;
        software_id?: string;
        software_statement?: string;
        software_version?: string;
        token_endpoint_auth_method?: string;
        tos_uri?: string;
    }
  • _refreshToken: string
  • Optional_scopes: string[]
  • Optional_resource: URL

  Returns Promise<
      {
          access_token: string;
          expires_in?: number;
          refresh_token?: string;
          scope?: string;
          token_type: string;
      },
  >

verifyAccessToken

• verifyAccessToken(token: string): Promise<AuthInfo>

  Verifies an access token and returns information about it.

  Parameters

  • token: string

  Returns Promise<AuthInfo>