Module :
auth
Module Overview
This module provides the default authentication provider configurations, which can be extended to create new authentication providers and functions to interact with the auth:InvocationContext
.
Invocation Context
The Invocation Context is a data holder, which is created per request and preserved for a single request-response flow. It comprises of auth-related information such as authentication scheme, auth token, and authenticated user's ID, claims, and scopes.
The following code snippet shows how to access the auth:InvocationContext
and how to set the data and retrieve them.
Set data to the invocation context.
auth:InvocationContext invocationContext = auth:getInvocationContext();
invocationContext.token = "eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ";
Retrieve data from the invocation context.
string? authToken = auth:getInvocationContext()?.token;
For information on the operations, which you can perform with this module, see the below Objects. For examples on the usage of the operations, see the Secured Service with Basic Auth Example and Secured Client with Basic Auth Example.
BasicAuthConfig |
Represents the inbound Basic Authentication configurations. |
Credential |
Represents the Basic Authentication configurations, which are used by the HTTP endpoint. |
InvocationContext |
Represents the |
InboundAuthProvider |
Represents the inbound Auth provider, which could be used to authenticate endpoints. |
InboundBasicAuthProvider |
Represents the configuration file based inbound Basic Auth provider, which is an implementation of the
A user is denoted by a section in the Ballerina configuration file. |
OutboundAuthProvider |
Represents the outbound Auth provider, which could be used to authenticate external endpoints. |
OutboundBasicAuthProvider |
Represents the outbound Basic Auth authenticator, which is an implementation of the |
checkForScopeMatch |
Checks whether the scopes of the user match the scopes of the resource. |
extractUsernameAndPassword |
Extracts the username and the password from the base64-encoded |
getInvocationContext |
Returns the |
setInvocationContext |
Sets the authentication-related values to the invocation context. |
DEFAULT_CHARSET |
Default charset to be used with password hashing. |
CONFIG_PREFIX |
Prefix used to denote special configuration values. |
CONFIG_PREFIX_SHA256 |
Prefix used to denote that the config value is a SHA-256 hash. |
CONFIG_PREFIX_SHA384 |
Prefix used to denote that the config value is a SHA-384 hash. |
CONFIG_PREFIX_SHA512 |
Prefix used to denote that the config value is a SHA-512 hash. |
AUTH_SCHEME_BASIC |
Prefix used to denote Basic Authentication scheme. |
AUTH_SCHEME_BEARER |
The prefix used to denote the Bearer Authentication scheme. |
Error |
Represents the Auth module related error. |
AuthError |
Represents the Auth error. |