Functions -
auth
| checkForScopeMatch |
Checks whether the scopes of the user match the scopes of the resource. |
| extractUsernameAndPassword |
Extracts the username and the password from the base64-encoded |
| setAuthenticationContext |
Sets the authentication-related values (scheme, auth token) to the authentication context of the invocation context. |
| setPrincipal |
Sets the authentication-related values (user ID, username, scopes, claims) to the principal of the invocation context. |
checkForScopeMatch
(string[] | string[][] resourceScopes, string[] userScopes, string authzCacheKey, Cache? positiveAuthzCache, Cache? negativeAuthzCache)
returns booleanChecks whether the scopes of the user match the scopes of the resource.
Parameters
- resourceScopes string[] | string[][]
-
Scopes of the resource
- userScopes string[]
-
Scopes of the user
- authzCacheKey string
-
Authorization cache key
- positiveAuthzCache Cache?
-
The
cache:Cachefor positive authorizations
- negativeAuthzCache Cache?
-
The
cache:Cachefor negative authorizations
-
Return Type
(boolean) trueif there is a match between the resource and user scopes or elsefalseotherwise
Extracts the username and the password from the base64-encoded username:password value.
[string, string]|auth:Error [username, password] = auth:extractUsernameAndPassword("<credential>");
Parameters
- credential string
-
Base64-encoded
username:passwordvalue
-
Return Type
([string, string] | Error) A
stringtuple with the extracted username and password or else anauth:Erroroccurred while extracting credentials
Sets the authentication-related values (scheme, auth token) to the authentication context of the invocation context.
auth:setAuthenticationContext("jwt", "<credential>");
Parameters
- scheme string
-
Auth scheme (
JWT,LDAP,OAuth2,Basic, etc.)
- authToken string
-
Auth token (credential)
Sets the authentication-related values (user ID, username, scopes, claims) to the principal of the invocation context.
Parameters
- userId string? (default ())
-
User ID of the authenticated user
- username string? (default ())
-
Username of the authenticated user
- scopes string[]? (default ())
-
Authenticated user scopes
- claims map<any> (default ())
-
Claims of the authenticated user