Package io.ktor.auth
Types
class AuthenticationAuthentication feature supports pluggable mechanisms for checking and challenging a client to provide credentials |
|
class AuthenticationContextRepresents an authentication context for the call |
|
sealed class AuthenticationFailedCauseRepresents a cause for authentication challenge request |
|
class AuthenticationPipeline : Represents authentication Pipeline for checking and requesting authentication |
|
class AuthenticationProcedureChallengeRepresents authentication challenging procedure requested by authentication mechanism |
|
open class AuthenticationProviderRepresents an authentication provider with the given name |
|
class AuthenticationRouteSelector : RouteSelectorAn authentication route node that is used by Authentication feature and usually created by Route.authenticate DSL function so generally there is no need to instantiate it directly unless you are writing an extension |
|
class BasicAuthenticationProvider : AuthenticationProviderRepresents a Basic authentication provider |
|
interface CredentialMarker interface indicating that a class represents credentials for authentication |
|
object The default state provider that does generate random nonce and don’t keep them |
|
class DigestAuthenticationProvider : AuthenticationProviderRepresents a Digest authentication provider |
|
data class DigestCredential : CredentialRepresents Digest credentials |
|
class ForbiddenResponse : NoContentResponse content with |
|
sealed class Specifies what to send back if form authentication fails. |
|
class FormAuthenticationProvider : AuthenticationProviderRepresents a form-based authentication provider |
|
object OAuth2RequestParametersList of OAuth2 request parameters for both peers |
|
object OAuth2ResponseParametersList of OAuth2 server response parameters |
|
interface Provides states for OAuth2. State could be just a random number (nonce) or could contain additional form fields or a signature. It is important that it should be a way to verify state. So all states need to be saved somehow or a state need to be a signed set of parameters that could be verified later |
|
sealed class OAuthAccessTokenResponse : PrincipalOAuth access token acquired from the server |
|
class OAuthAuthenticationProvider : AuthenticationProviderRepresents an OAuth provider for Authentication feature |
|
sealed class OAuthCallbackOAauth callback parameters |
|
object OAuthGrantTypesOAuth grant types constants |
|
sealed class OAuthServerSettingsRepresents OAuth server settings |
|
enum class OAuthVersionOAuth versions used in configuration |
|
interface PrincipalMarker interface indicating that a class represents an authenticated principal |
|
sealed class Specifies what to send back if authentication fails. |
|
class SessionAuthenticationProvider<T : Any> : Represents a session-based authentication provider |
|
class UnauthorizedResponse : NoContentResponse content with |
|
class UserHashedTableAuthSimple in-memory table that keeps user names and password hashes |
|
data class UserIdPrincipal : PrincipalRepresents a simple user’s principal identified by name |
|
data class UserPasswordCredential : Credential |
Exceptions
sealed class OAuth1aException : ExceptionRepresents an OAuth1a server error |
|
sealed class OAuth2Exception : ExceptionRepresents a error during communicating to OAuth2 server |
Type Aliases
typealias ApplicationCallPredicate = (ApplicationCall) -> BooleanPredicate function that accepts an application call and returns |
|
typealias AuthenticationFunction<C> = suspend ApplicationCall.(credentials: C) -> Principal?Authentication function that accepts and verifies credentials and returns a principal when verification successful. |
|
|
Provides message digest for the specified username and realm or returns |
|
typealias FormAuthChallengeFunction = suspend PipelineContext<*, ApplicationCall>.(UserPasswordCredential?) -> UnitSpecifies what to send back if form authentication fails. |
|
typealias SessionAuthChallengeFunction<T> = suspend PipelineContext<*, ApplicationCall>.(T?) -> UnitSpecifies what to send back if session authentication fails. |
Properties
val OAuthKey: AnyOAuth provider key |
|
const val SessionAuthChallengeKey: StringA key used to register auth challenge |
|
val ApplicationCall.authentication: AuthenticationContextRetrieves an AuthenticationContext for |
Functions
fun Route.authenticate(Creates an authentication route that does handle authentication by the specified providers referred by
configurations names. |
|
fun Application.authentication(Installs Authentication feature if not yet installed and invokes block on it’s config. One is allowed to modify existing authentication configuration only in authentication’s block or via Authentication.configure function. Changing captured instance of configuration outside of block may have no effect or damage application’s state. |
|
fun Configuration.basic(Installs Basic Authentication mechanism |
|
fun ApplicationRequest.basicAuthenticationCredentials(Retrieves Basic authentication credentials for this ApplicationRequest |
|
fun createObtainRequestTokenHeader(Create an HTTP auth header for OAuth1a obtain token request |
|
fun createUpgradeRequestTokenHeader(Create an HTTP auth header for OAuth1a upgrade token request |
|
fun Configuration.digest(Installs Digest Authentication mechanism |
|
fun ApplicationCall.digestAuthenticationCredentials(): DigestCredential?Retrieves DigestCredential from this call |
|
fun DigestCredential.expectedDigest(Calculates expected digest bytes for this DigestCredential |
|
fun Configuration.form(Installs Form Authentication mechanism |
|
suspend fun PipelineContext<Unit, ApplicationCall>.oauth(Install both OAuth1a and OAuth2 authentication helpers that do redirect to OAuth server authorization page and handle corresponding callbacks fun Configuration.oauth(Installs OAuth Authentication mechanism |
|
suspend fun PipelineContext<Unit, ApplicationCall>.oauthHandleCallback(Handle OAuth callback |
|
suspend fun PipelineContext<Unit, ApplicationCall>.oauthRespondRedirect(Respond OAuth redirect |
|
fun ApplicationRequest.parseAuthorizationHeader(): HttpAuthHeader?Parses an authorization header from a ApplicationRequest returning a HttpAuthHeader. |
|
fun <P : Principal> ApplicationCall.principal(): P?Retrieves authenticated Principal for |
|
fun <T : Principal> Configuration.fun <T : Principal> Configuration.session(Provides ability to authenticate users via sessions. It only works if T session type denotes Principal as well otherwise use full session with lambda function with SessionAuthenticationProvider.Configuration.validate configuration fun <T : Any> Configuration.session(Provides ability to authenticate users via sessions. It is important to have specified SessionAuthenticationProvider.Configuration.validate and SessionAuthenticationProvider.Configuration.challenge in the lambda to get it work property |
|
fun Parameterized.sign(Sign an HTTP auth header |
|
fun signatureBaseString(Build an OAuth1a signature base string as per RFC |
|
fun Parameterized.toDigestCredential(): DigestCredentialConverts HttpAuthHeader to DigestCredential |
|
suspend fun DigestCredential.verifier(Verifies credentials are valid for given method and digester and userNameRealmPasswordDigest |
|
suspend fun verifyWithOAuth2(Implements Resource Owner Password Credentials Grant see http://tools.ietf.org/html/rfc6749#section-4.3 |