class Authentication
Authentication feature supports pluggable mechanisms for checking and challenging a client to provide credentials |
|
class AuthenticationContext
Represents an authentication context for the call |
|
sealed class AuthenticationFailedCause
Represents a cause for authentication challenge request |
|
class AuthenticationPipeline : Pipeline<AuthenticationContext, ApplicationCall>
Represents authentication Pipeline for checking and requesting authentication |
|
class AuthenticationProcedureChallenge
Represents authentication challenging procedure requested by authentication mechanism |
|
open class AuthenticationProvider
Represents an authentication provider with the given name |
|
class AuthenticationRouteSelector : RouteSelector
An authentication route node that is used by Authentication feature and usually created by Route.authenticate DSL function so generally there is no need to instantiate it directly unless you are writing an extension |
|
class BasicAuthenticationProvider : AuthenticationProvider
Represents a Basic authentication provider |
|
interface Credential
Marker interface indicating that a class represents credentials for authentication |
|
object
The default state provider that does generate random nonce and don't keep them |
|
class DigestAuthenticationProvider : AuthenticationProvider
Represents a Digest authentication provider |
|
data class DigestCredential : Credential
Represents Digest credentials |
|
class ForbiddenResponse : NoContent
Response content with |
|
sealed class
Specifies what to send back if form authentication fails. |
|
class FormAuthenticationProvider : AuthenticationProvider
Represents a form-based authentication provider |
|
object OAuth2RequestParameters
List of OAuth2 request parameters for both peers |
|
object OAuth2ResponseParameters
List of OAuth2 server response parameters |
|
interface
Provides states for OAuth2. State could be just a random number (nonce) or could contain additional form fields or a signature. It is important that it should be a way to verify state. So all states need to be saved somehow or a state need to be a signed set of parameters that could be verified later |
|
sealed class OAuthAccessTokenResponse : Principal
OAuth access token acquired from the server |
|
class OAuthAuthenticationProvider : AuthenticationProvider
Represents an OAuth provider for Authentication feature |
|
sealed class OAuthCallback
OAauth callback parameters |
|
object OAuthGrantTypes
OAuth grant types constants |
|
sealed class OAuthServerSettings
Represents OAuth server settings |
|
enum class OAuthVersion
OAuth versions used in configuration |
|
interface Principal
Marker interface indicating that a class represents an authenticated principal |
|
sealed class
Specifies what to send back if authentication fails. |
|
class SessionAuthenticationProvider<T : Any> : AuthenticationProvider
Represents a session-based authentication provider |
|
class UnauthorizedResponse : NoContent
Response content with |
|
class UserHashedTableAuth
Simple in-memory table that keeps user names and password hashes |
|
data class UserIdPrincipal : Principal
Represents a simple user's principal identified by name |
|
data class UserPasswordCredential : Credential
|
sealed class OAuth1aException : Exception
Represents an OAuth1a server error |
|
sealed class OAuth2Exception : Exception
Represents a error during communicating to OAuth2 server |
typealias ApplicationCallPredicate = (ApplicationCall) -> Boolean
Predicate function that accepts an application call and returns |
|
typealias AuthenticationFunction<C> = suspend ApplicationCall.(credentials: C) -> Principal?
Authentication function that accepts and verifies credentials and returns a principal when verification successful. |
|
typealias DigestProviderFunction = suspend (userName: String, realm: String) -> ByteArray?
Provides message digest for the specified username and realm or returns |
|
typealias FormAuthChallengeFunction = suspend PipelineContext<*, ApplicationCall>.(UserPasswordCredential?) -> Unit
Specifies what to send back if form authentication fails. |
|
typealias SessionAuthChallengeFunction<T> = suspend PipelineContext<*, ApplicationCall>.(T?) -> Unit
Specifies what to send back if session authentication fails. |
val OAuthKey: Any
OAuth provider key |
|
const val SessionAuthChallengeKey: String
A key used to register auth challenge |
fun Configuration.basic(name: String? = null, configure: Configuration.() -> Unit): Unit
Installs Basic Authentication mechanism |
|
fun
Create an HTTP auth header for OAuth1a obtain token request |
|
fun
Create an HTTP auth header for OAuth1a upgrade token request |
|
fun Configuration.digest(name: String? = null, configure: Configuration.() -> Unit): Unit
Installs Digest Authentication mechanism |
|
fun DigestCredential.expectedDigest(method: HttpMethod, digester: MessageDigest, userNameRealmPasswordDigest: ByteArray): ByteArray
Calculates expected digest bytes for this DigestCredential |
|
fun Configuration.form(name: String? = null, configure: Configuration.() -> Unit): Unit
Installs Form Authentication mechanism |
|
fun Configuration.oauth(name: String? = null, configure: Configuration.() -> Unit): Unit
Installs OAuth Authentication mechanism |
|
fun <T : Principal> Configuration. fun <T : Principal> Configuration.session(name: String? = null): Unit
Provides ability to authenticate users via sessions. It only works if T session type denotes Principal as well otherwise use full session with lambda function with SessionAuthenticationProvider.Configuration.validate configuration fun <T : Any> Configuration.session(name: String? = null, configure: Configuration<T>.() -> Unit): Unit
Provides ability to authenticate users via sessions. It is important to have specified SessionAuthenticationProvider.Configuration.validate and SessionAuthenticationProvider.Configuration.challenge in the lambda to get it work property |
|
fun
Build an OAuth1a signature base string as per RFC |
|
suspend fun DigestCredential.verifier(method: HttpMethod, digester: MessageDigest, userNameRealmPasswordDigest: suspend (String, String) -> ByteArray?): Boolean
Verifies credentials are valid for given method and digester and userNameRealmPasswordDigest |
|
suspend fun verifyWithOAuth2(credential: UserPasswordCredential, client: HttpClient, settings: OAuth2ServerSettings): OAuth2
Implements Resource Owner Password Credentials Grant see http://tools.ietf.org/html/rfc6749#section-4.3 |