Package-level declarations

A predicate function that accepts an application call and returns true or false.

A plugin that handles authentication and authorization. Typical usage scenarios include logging in users, granting access to specific resources, and securely transmitting information between parties.

A hook that is executed after authentication was checked. Note that this hook is also executed for optional authentication or for routes without any authentication, resulting in ApplicationCall.principal being null.

A configuration for the Authentication plugin.

An authentication context for a call.

Represents a cause for an authentication challenge request.

An authentication function that accepts and verifies credentials and returns a principal when verification is successful.

Represents an authentication challenging procedure requested by authentication mechanism.

An authentication provider with the specified name.

An authentication route node that is used by Authentication plugin and usually created by the Routing.authenticate DSL function, so generally there is no need to instantiate it directly unless you are writing an extension.

A resolution strategy for nested authentication providers. AuthenticationStrategy.Optional - if no authentication is provided by the client, a call continues but with a null Principal. AuthenticationStrategy.FirstSuccessful - client must provide authentication data for at least one provider registered for this route AuthenticationStrategy.Required - client must provide authentication data for all providers registered for this route with this strategy

A basic Authentication provider.

A Bearer Authentication provider.

A marker interface indicating that a class represents credentials for authentication.

A digest Authentication provider.

Digest credentials.

Provides a message digest for the specified username and realm or returns null if a user is missing. This function could fetch digest from a database or compute it instead.

A configuration that creates a provider based on the AuthenticationConfig.provider block.

Response content with the 403 Forbidden status code and the WWW-Authenticate header of supplied challenges

A context for FormAuthChallengeFunction.

Specifies what to send back if form-based authentication fails.

A form-based authentication provider.

An OAuth1a server error.

Represents an error during communicating to OAuth2 server.

Error container for when the upstream identity provider does not respond with the token credentials, and instead responds with error query parameters.

List of OAuth2 request parameters for both peers.

List of OAuth2 server response parameters.

An OAuth access token acquired from the server.

An OAuth Authentication provider.

OAuth callback parameters.

OAuth grant types constants.

OAuth server settings.

OAuth versions used in configuration.

A marker interface indicating that a class represents an authenticated principal.

A configuration for the AuthenticationInterceptors plugin.

Specifies what to send back if session authentication fails.

A session-based Authentication provider.

A context for SessionAuthChallengeFunction.

Response content with the 401 Unauthorized status code and the WWW-Authenticate header of supplied challenges.

An in-memory table that keeps usernames and password hashes. This allows you not to compromise user passwords if your data source is leaked.

A user's principal identified by name.

A user's credentials identified by name and password.

Retrieves an AuthenticationContext for this call.

A plugin that authenticates calls. Usually used via the authenticate function inside routing.

An OAuth provider key.

A key used to register authentication challenge.

Creates a route that allows you to define authorization scope for application resources. This function accepts names of authentication providers defined in the Authentication plugin configuration.

Installs the Authentication plugin if not yet installed and invokes block on its config. You can modify the existing authentication configuration only in the authentication's block or using the Authentication.configure function. Changing captured instance of configuration outside of block may have no effect or damage application's state.

Installs the basic Authentication provider. You can use basic authentication for logging in users and protecting specific routes. To learn how to configure it, see Basic authentication.

Retrieves basic authentication credentials for this ApplicationRequest.

Installs the Bearer Authentication provider. Bearer auth requires the developer to provide a custom 'authenticate' function to authorize the token, and return the associated principal.

Installs the digest Authentication provider. To learn how to configure it, see Digest authentication.

Retrieves DigestCredential for this call.

Calculates the expected digest bytes for this DigestCredential.

Installs the form-based Authentication provider. Form-based authentication uses a web form to collect credential information and authenticate a user. To learn how to configure it, see Form-based authentication.

Installs the OAuth Authentication provider. OAuth can be used to authorize users of your application by using external providers, such as Google, Facebook, Twitter, and so on. To learn how to configure it, see OAuth.

Parses an authorization header from a ApplicationRequest returning a HttpAuthHeader.

Retrieves an authenticated Principal for this call.

Retrieves an authenticated Principal for this call from provider with name provider

Installs the session Authentication provider. This provider provides the ability to authenticate a user that already has an associated session.

Converts HttpAuthHeader to DigestCredential.

Verifies that credentials are valid for a given method, digester, and userNameRealmPasswordDigest.

Implements Resource Owner Password Credentials Grant.