Package io.ktor.auth
Types
class Authentication
    Authentication feature supports pluggable mechanisms for checking and challenging a client to provide credentials

class AuthenticationContext
    Represents an authentication context for the call

sealed class AuthenticationFailedCause
    Represents a cause for authentication challenge request

class AuthenticationPipeline :
    Represents authentication Pipeline for checking and requesting authentication

class AuthenticationProcedureChallenge
    Represents authentication challenging procedure requested by authentication mechanism

open class AuthenticationProvider
    Represents an authentication provider with the given name

class AuthenticationRouteSelector : RouteSelector
    An authentication route node that is used by Authentication feature and usually created by Route.authenticate DSL function, so generally there is no need to instantiate it directly unless you are writing an extension

class BasicAuthenticationProvider : AuthenticationProvider
    Represents a Basic authentication provider

interface Credential
    Marker interface indicating that a class represents credentials for authentication

object
    The default state provider that generates random nonces and doesn’t keep them

class DigestAuthenticationProvider : AuthenticationProvider
    Represents a Digest authentication provider

data class DigestCredential : Credential
    Represents Digest credentials

class ForbiddenResponse : NoContent
    Response content with

sealed class
    Specifies what to send back if form authentication fails.

class FormAuthenticationProvider : AuthenticationProvider
    Represents a form-based authentication provider

object OAuth2RequestParameters
    List of OAuth2 request parameters for both peers

object OAuth2ResponseParameters
    List of OAuth2 server response parameters

interface
    Provides states for OAuth2. State could be just a random number (nonce) or could contain additional form fields or a signature. It is important that there is a way to verify state, so all states need to be saved somehow, or a state needs to be a signed set of parameters that can be verified later

sealed class OAuthAccessTokenResponse : Principal
    OAuth access token acquired from the server

class OAuthAuthenticationProvider : AuthenticationProvider
    Represents an OAuth provider for Authentication feature

sealed class OAuthCallback
    OAuth callback parameters

object OAuthGrantTypes
    OAuth grant types constants

sealed class OAuthServerSettings
    Represents OAuth server settings

enum class OAuthVersion
    OAuth versions used in configuration

interface Principal
    Marker interface indicating that a class represents an authenticated principal

sealed class
    Specifies what to send back if authentication fails.

class SessionAuthenticationProvider<T : Any> :
    Represents a session-based authentication provider

class UnauthorizedResponse : NoContent
    Response content with

class UserHashedTableAuth
    Simple in-memory table that keeps user names and password hashes

data class UserIdPrincipal : Principal
    Represents a simple user’s principal identified by name

data class UserPasswordCredential : Credential
Exceptions
sealed class OAuth1aException : Exception
    Represents an OAuth1a server error

sealed class OAuth2Exception : Exception
    Represents an error while communicating with the OAuth2 server
Type Aliases
typealias ApplicationCallPredicate = (ApplicationCall) -> Boolean
    Predicate function that accepts an application call and returns

typealias AuthenticationFunction<C> = suspend ApplicationCall.(credentials: C) -> Principal?
    Authentication function that accepts and verifies credentials and returns a principal when verification is successful.

    Provides message digest for the specified username and realm or returns

typealias FormAuthChallengeFunction = suspend PipelineContext<*, ApplicationCall>.(UserPasswordCredential?) -> Unit
    Specifies what to send back if form authentication fails.

typealias SessionAuthChallengeFunction<T> = suspend PipelineContext<*, ApplicationCall>.(T?) -> Unit
    Specifies what to send back if session authentication fails.
Properties
val OAuthKey: Any
    OAuth provider key

const val SessionAuthChallengeKey: String
    A key used to register auth challenge

val ApplicationCall.authentication: AuthenticationContext
    Retrieves an AuthenticationContext for
Functions
fun Route.authenticate(
    Creates an authentication route that handles authentication by the specified providers referred to by configuration names.

fun Application.authentication(
    Installs Authentication feature if not yet installed and invokes block on its config. One is allowed to modify existing authentication configuration only in authentication’s block or via Authentication.configure function. Changing captured instance of configuration outside of block may have no effect or damage application’s state.

fun Configuration.basic(
    Installs Basic Authentication mechanism

fun ApplicationRequest.basicAuthenticationCredentials(
    Retrieves Basic authentication credentials for this ApplicationRequest

fun createObtainRequestTokenHeader(
    Create an HTTP auth header for OAuth1a obtain token request

fun createUpgradeRequestTokenHeader(
    Create an HTTP auth header for OAuth1a upgrade token request

fun Configuration.digest(
    Installs Digest Authentication mechanism

fun ApplicationCall.digestAuthenticationCredentials(): DigestCredential?
    Retrieves DigestCredential from this call

fun DigestCredential.expectedDigest(
    Calculates expected digest bytes for this DigestCredential

fun Configuration.form(
    Installs Form Authentication mechanism

suspend fun PipelineContext<Unit, ApplicationCall>.oauth(
    Install both OAuth1a and OAuth2 authentication helpers that redirect to the OAuth server authorization page and handle corresponding callbacks

fun Configuration.oauth(
    Installs OAuth Authentication mechanism

suspend fun PipelineContext<Unit, ApplicationCall>.oauthHandleCallback(
    Handle OAuth callback

suspend fun PipelineContext<Unit, ApplicationCall>.oauthRespondRedirect(
    Respond OAuth redirect

fun ApplicationRequest.parseAuthorizationHeader(): HttpAuthHeader?
    Parses an authorization header from an ApplicationRequest, returning a HttpAuthHeader.

fun <P : Principal> ApplicationCall.principal(): P?
    Retrieves authenticated Principal for

fun <T : Principal> Configuration.

fun <T : Principal> Configuration.session(
    Provides ability to authenticate users via sessions. It only works if T session type denotes Principal as well; otherwise use full session with lambda function with SessionAuthenticationProvider.Configuration.validate configuration

fun <T : Any> Configuration.session(
    Provides ability to authenticate users via sessions. It is important to have specified SessionAuthenticationProvider.Configuration.validate and SessionAuthenticationProvider.Configuration.challenge in the lambda to get it to work properly

fun Parameterized.sign(
    Sign an HTTP auth header

fun signatureBaseString(
    Build an OAuth1a signature base string as per RFC

fun Parameterized.toDigestCredential(): DigestCredential
    Converts HttpAuthHeader to DigestCredential

suspend fun DigestCredential.verifier(
    Verifies credentials are valid for given method and digester and userNameRealmPasswordDigest

suspend fun verifyWithOAuth2(
    Implements Resource Owner Password Credentials Grant, see http://tools.ietf.org/html/rfc6749#section-4.3