Authorizer class

A RequestController that will authorize further passage in a RequestController chain when a request has valid credentials.

An instance of Authorizer will validate a Request given a strategy and a validator. validator is typically the instance of AuthServer in an application.

If the Request is unauthorized (as determined by the validator), it will respond with the appropriate status code and prevent further request processing. If the Request is valid, an Authorization will be added to the Request and the request will be delivered to this instance's nextController. Usage:

      .pipe(new Authorizer.bearer(authServer))
      .generate(() => new ProtectedResourceController());


Authorizer(AuthValidator validator, { AuthStrategy strategy: AuthStrategy.bearer, List<String> scopes })
Creates an instance of Authorizer. [...]
Authorizer.basic(AuthValidator validator)
Creates an instance of Authorizer using AuthStrategy.basic.
Authorizer.bearer(AuthValidator validator, { List<String> scopes })
Creates an instance of Authorizer using AuthStrategy.bearer. [...]


scopes List<String>
The list of scopes this instance requires. [...]
read / write
strategy AuthStrategy
The AuthStrategy for authorizing a request. [...]
read / write
validator AuthValidator
The validating authorization object. [...]
read / write
documentableChild APIDocumentable
Returns the next documentable object in a chain of documentable objects. [...]
read-only, inherited
hashCode int
The hash code for this object. [...]
read-only, inherited
logger Logger
An instance of the 'aqueduct' logger.
read-only, inherited
nextController RequestController
Receives requests that this controller does not respond to. [...]
read-only, inherited
policy CORSPolicy
The CORS policy of this controller.
read / write, inherited
runtimeType Type
A representation of the runtime type of the object.
read-only, inherited


documentOperations(PackagePathResolver resolver) List<APIOperation>
Returns all APIOperations this object knows about.
processRequest(Request req) FutureOr<RequestOrResponse>
Overridden by subclasses to modify or respond to an incoming request. [...]
applyCORSHeadersIfNecessary(Request req, Response resp) → void
documentAPI(PackagePathResolver resolver) APIDocument
Returns an entire APIDocument describing an OpenAPI specification. [...]
documentPaths(PackagePathResolver resolver) List<APIPath>
Returns all APIPath objects this instance knows about. [...]
documentRequestBodyForOperation(APIOperation operation) APIRequestBody
Returns all APIRequestBodys for operation.
documentResponsesForOperation(APIOperation operation) List<APIResponse>
Returns all APIResponses for operation.
documentSecuritySchemes(PackagePathResolver resolver) Map<String, APISecurityScheme>
Returns all APISecuritySchemes this instance knows about.
generate(RequestController instantiator()) RequestController
Sets the nextController that will receive a request after this one. [...]
handleError(Request request, dynamic caughtValue, StackTrace trace) Future<bool>
Sends an HTTP response for a request that yields an exception or error. [...]
listen(FutureOr<RequestOrResponse> process(Request request)) RequestController
Sets the nextController that will receive a request after this one. [...]
noSuchMethod(Invocation invocation) → dynamic
Invoked when a non-existent method or property is accessed. [...]
pipe(RequestController next) RequestController
Sets the nextController that will receive a request after this one. [...]
receive(Request req) Future
Delivers req to this instance to be processed. [...]
toString() String
Returns a string representation of this object.
willSendResponse(Response response) → void
Executed prior to Response being sent. [...]


operator ==(dynamic other) bool
The equality operator. [...]