Interface AuthProvider

Authentication provider that manages user access tokens.

Remarks

This interface can be implemented in various ways. Two built-in implementations are provided:

StaticAuthProvider - Accepts a user and an access token, but does not support refreshing.
RefreshingAuthProvider - Automatically refreshes access tokens upon expiration.

If these implementations are not sufficient for your use case, you can create a custom one. For example, you could store and manage authentication data in Redis to share it between multiple processes or containers.

interface AuthProvider {
    clientId: string;
    getAccessTokenForUser(
        user: UserIdResolvable,
        scopes?: string[],
    ): Promise<AccessTokenWithUserId>;
    getScopesForUser(user: UserIdResolvable): string[];
    refreshAccessTokenForUser(
        user: UserIdResolvable,
    ): Promise<AccessTokenWithUserId>;
}

Implemented by

Index

Properties

clientId

Methods

getAccessTokenForUser getScopesForUser refreshAccessTokenForUser?

Properties

`Readonly`clientId

clientId: string

The client ID.

Methods

getAccessTokenForUser

getAccessTokenForUser(
user: UserIdResolvable,
scopes?: string[],
): Promise<AccessTokenWithUserId>
Gets the access token data for the specified user.
Parameters
- user: UserIdResolvable
  The ID of a user whose token is being requested.
- Optionalscopes: string[]
  An optional list of required scopes to validate against the token's current scopes.
Returns Promise<AccessTokenWithUserId>
Throws
UnregisteredUserError if the user is not registered with this provider.

Throws
MissingScopeError if the token does not include the required scopes.
- Defined in packages/auth/src/providers/auth-provider.ts:42

getScopesForUser

getScopesForUser(user: UserIdResolvable): string[]
Retrieves the scopes currently associated with the specified user's access token.

Returns an empty array if no scopes were set during user registration.
Parameters
- user: UserIdResolvable
  The ID of a user whose scopes should be retrieved.
Returns string[]
Throws
UnregisteredUserError - Thrown if the user is not registered with this provider.
- Defined in packages/auth/src/providers/auth-provider.ts:31

`Optional`refreshAccessTokenForUser

refreshAccessTokenForUser(
user: UserIdResolvable,
): Promise<AccessTokenWithUserId>
Refreshes the user's access token.
Parameters
- user: UserIdResolvable
  The ID of a user whose token should be refreshed.
Returns Promise<AccessTokenWithUserId>
Remarks
This method is optional and may not be implemented by all authentication providers.
- Defined in packages/auth/src/providers/auth-provider.ts:52

Interface AuthProvider

Remarks

Implemented by

Index

Properties

Methods

Properties

`Readonly`clientId

Methods

getAccessTokenForUser

Parameters

Returns Promise<AccessTokenWithUserId>

Throws

Throws

getScopesForUser

Parameters

Returns string[]

Throws

`Optional`refreshAccessTokenForUser

Parameters

Returns Promise<AccessTokenWithUserId>

Remarks

Settings

On This Page

Interface AuthProvider

Remarks

Implemented by

Index

Properties

Methods

Properties

ReadonlyclientId

Methods

getAccessTokenForUser

Parameters

Returns Promise<AccessTokenWithUserId>

Throws

Throws

getScopesForUser

Parameters

Returns string[]

Throws

OptionalrefreshAccessTokenForUser

Parameters

Returns Promise<AccessTokenWithUserId>

Remarks

Settings

On This Page

`Readonly`clientId

`Optional`refreshAccessTokenForUser