Class: Credential

Wrapper around a Token, providing methods to interact with Tokens without the hassle of managing them

Constructors

new Credential()

new Credential(token, client): Credential

Parameters

• token: Token

• client: OAuth2Client

Returns

Credential

Remarks

Do not use directly, use Credential.store instead

Factory Methods

store()

static store(token, tags): Credential

Writes token to storage and returns a Credential instance

Parameters

• token: Token

Object representing the token to be managed by returned Credential instance

• tags: string[] = []

List of strings that can be used to ease Credential retrieval

Returns

Credential

Example

const adminToken = await fetchAdminToken();
const token = new Token(adminToken);
Credential.store(token, ['admin']);

See

Credential.findByTags | Credential.findByTags

Static Accessors

default

get static default(): null | Credential

set static default(cred): void

Parameters

• cred: null | Credential

Returns

null | Credential

---

allIDs

get static allIDs(): string[]

Returns array of all Credential ids

Returns

string[]

---

size

get static size(): number

Returns number of Credential instances

Returns

number

Static Methods

with()

static with(id): null | Credential

Returns Credential instance with corresponding id

Parameters

• id: string

Returns

null | Credential

Remarks

This method can be used to retreive a specific Credential, however its recommended to use Credential.default or Credential.find to query by tags instead

---

find()

static find(matcher): Credential[]

Returns all Credential instances where matcher function returns true

Parameters

• matcher

Function which takes meta as first argument. Returns true if Credential should be included. false otherwise

Returns

Credential[]

Example

// find Credentials by tag 'foo'
Credential.find(meta => meta?.tags?.includes('foo'));

---

clear()

static clear(): void

Removes all Credential instances and clears storage

Returns

void

---

isEqual()

static isEqual(lhs, rhs): boolean

Compares 2 Credential instances to determine if they represent the same token

Parameters

• lhs: Credential

• rhs: Credential

Returns

boolean

Events

on()

static on(event, callback): void

Bind an event listener

Parameters

• event: string

event name

• callback

event handler

Returns

void

Example

Credential.on(Events.CREDENTIAL_REFRESHED, credential => {
  // do something with credential
});

See

Events

---

off()

static off(event, callback?): void

Removes active event listeners

Parameters

• event: string

event name

• callback?

the event handler previously bound via Credential.on

Returns

void

Example

Credential.off(Events.CREDENTIAL_REFRESHED);

See

Events

Properties

emitter

protected readonly static emitter: CredentialEventEmitter

Accessors

oauth2

get oauth2(): OAuth2Client

Returns instance of OAuth2Client used to construct Credential

Returns

OAuth2Client

---

token

get token(): Token

The Token instance Credential is associated with

Remarks

This value may change, from operations like renew, however the Token.id | Token.id will remain consistent

Returns

Token

---

id

get id(): string

Short for this.token.id

Returns

string

---

tags

get tags(): string[]

Array of tags associated with Credential. Used for retrieval

Returns

string[]

Methods

setTags()

setTags(tags): void

Updates tags associated with Credential

Parameters

• tags: string[] = []

tags to be associated with Credential

Returns

void

Remarks

This is not merge operation

---

remove()

remove(): void

Removes Credential from storage

Returns

void

Remarks

NOTE: this method does not revoke tokens

See

Credential.prototype.revoke

---

getAuthHeader()

getAuthHeader(): object

Helper method to get a Authorization header, expressed as an object

Returns

object

Authorization

Authorization: string

Examples

cred.getAuthHeader();
// { 'Authorization': 'Bearer ***********' }

const data = await fetch('resource/server', { headers: { ...cred.getAuthHeader() }})

---

authorize()

authorize(input, init?): Promise<Request>

A utility method which matches the signature of fetch a Request instance with a predefined Authorization header

Parameters

• input: string | URL | Request

• init?: RequestInit

Returns

Promise<Request>

---

toJSON()

toJSON(): Record<string, any>

Returns

Record<string, any>

OAuth2 Methods

refresh()

refresh(): Promise<Credential>

Attempts to refresh the represented token

Returns

Promise<Credential>

Remarks

Upon successful renew, the token will be replaced with a new Token instance, however the id property will remain consistent

Throws

OAuth2Error if refresh fails

---

refreshIfNeeded()

refreshIfNeeded(gracePeriod): Promise<Credential>

Renews token if the will expire within the grace period

Parameters

• gracePeriod: number = 30

Returns

Promise<Credential>

Remarks

Expiration calculation is performed on the browser via TimeCoordinator

Throws

OAuth2Error if refresh fails

---

revoke()

revoke(type): Promise<undefined | OAuth2ErrorResponse>

Revokes either Token.accessToken | Credential.token.accessToken or Token.refreshToken | Credential.token.refreshToken or both

Parameters

• type: RevokeType = 'ALL'

Returns

Promise<undefined | OAuth2ErrorResponse>

Remarks

• If RevokeType.ALL, Credential will be removed

Throws

OAuth2Error if revocation fails

---

introspect()

introspect(kind): Promise<void>

COMING SOON Performs introspect on a specific token

Parameters

• kind: TokenKind

The specific token to introspect. Must be available in Credential.token

Returns

Promise<void>

Throws

OAuth2Error

---

userInfo()

userInfo(): Promise<void>

COMING SOON Performs OIDC UserInfo request

Returns

Promise<void>

Throws

OAuth2Error