Elemental lowcode development platform.
The auth client provider allows you to access the users authentication state, and to request access tokens - either user or application. You can access the following methods on this service:
These methods are covered in more detail below.
Parameters:
username - string, the username of the userpassword - string, the password for the userAuthenticates using the password grant.
If you client has not got the password grant setup in its accepted grants then this will fail. To add this into your grants, modify your client config to contain a list of grants like this:
Note: This method is only available for website controllers.
{
"grant_types": [
"client_credentials",
"authorization_code",
"password"
]
}
You can then authenticate users using their username and password:
module.exports = {
events : {
login : (event) => {
return this.authClientProvider.loginUser(
event.bag.username,
event.bag.password
).then(() => {
...
}).catch((err) => {
...
});
}
}
};
Parameters:
redirectUri - string, optional URL to redirect to - needs to be configured within your IdP clients post logout redirect URIsLogs the users session out on the website and redirects the user to logout from the identity provider.
Note: This method is only available for website controllers.
Called from your controllers like so:
module.exports = {
events : {
logout : (event) => {
//logout and redirect back afterwards
this.authClientProvider.logoutUser("/todo");
//logout and display the standard logout message on the IdP
this.authClientProvider.logoutUser();
}
}
};
If you pass a URL into this method without the protocol/hostname then the system will automatically resolve the website hostname and prefix the URL with it.
This method fetches an access token to speak to third party APIs with. This access token will be either a user access token - if the current user is authenticated - or it will be a client token fetched using your clients credentials.
All clients are issued the client_credentials grant by default if a custom list of grant types is not set on the client config. If you override the client config with a custom list of grant types, expect this call to fail if the current user is not authenticated.
The response within the resolution of the promise can return a blank token - if no client is configured for the application for example.
Note: This method will only return user access tokens on website controllers, every other service will be returned the relevant client access token.
This can be called from your controllers like so:
module.exports = {
events : {
load : (event) => {
this.authClientProvider.getAccessToken().then((token) => {
...
}).catch((err) => {
...
});
}
}
};
Parameters:
token - string, the JWT token to check for expirationReturns true if the token has expired, false if it has not.
Called from your controllers like so:
module.exports = {
events : {
load : (event) => {
if (this.authClientProvider.tokenExpired("token value")) {
...
}
}
}
}
Refreshes the current users access & identity tokens and returns the newly refreshed access token.
This method returns a promise and will resolve a null access token if the user is either not logged in or does not have a refresh token.
Called from your controllers like so:
module.exports = {
events : {
load : (event) => {
return this.authClientProvider.refreshUserToken().then((accessToken) => {
...
});
}
}
}