Skip to content

# Table of Contents

Table of Contents

AuthorizationCodeGrantTokenProvider

Extends RefreshableTokenProvider

The Authorization Code grant type is intended to be used by user-facing web applications with a server-side component. When the user grants authorization, the Identity authorization endpoint provides the client with a short-lived authorization code through a browser redirect. The client subsequently exchanges the authorization_code for an access_token. The Authorization Code with Proof Key for Code Exchange (PKCE) flow is an extension of the Authorization Code grant flow. Along with the request, the client application sends code_challenge and code_challenge_method.

constructor

Public constructor for AuthorizationCodeGrantTokenProvider class

Parameters

  • endpointProvider IEndpointProvider An endpoint provider that provides the URL for the Trimble Identity authorization and token endpoints.
    It can be OpenIdEndpointProvider/FixedEndpointProvider
  • consumerKey string The consumer key for the calling application
  • redirectUrl string The URL to which Trimble Identity should redirect after successfully authenticating a user

WithScopes

Fluent extension to add scopes

Parameters

  • scopes IEnumerable<string> The scopes to add to the token provider

Returns this

WithLogoutRedirect

Fluent extension to add logout redirect URL

Parameters

Returns this

WithIdentityProvider

Fluent extension to add identity provider

Parameters

Returns this

GetOAuthRedirect

Get a redirect URL for Trimble Identity

Parameters

  • state string An optional state parameter that will be passed back to the caller via the redirect URL
  • Throws any Thrown when an authorization endpoint is not provided by the endpoint provider

Returns PromiseLike<string> A promise that resolves to the redirect URL

ValidateQuery

Validate the query parameters passed back to the application by Trimble Identity

Parameters

  • query string The query string from the URL
  • Throws any Thrown when a token endpoint is not provided by the endpoint provider
  • Throws any Thrown when a call to the token endpoint fails

Returns PromiseLike<boolean> A promise that resolves to true if the query string is valid

ValidateCode

Validate the code passed back to the application by Trimble Identity

Parameters

  • Throws any Thrown when a token endpoint is not provided by the endpoint provider
  • Throws any Thrown when a call to the token endpoint fails

Returns PromiseLike<boolean> A promise that resolves to true if the code is valid

GetOAuthLogoutRedirect

Return a redirect URL to log out of all Trimble Identity applications

Parameters

  • state string An optional state parameter that will be passed back to the caller via the redirect URL

Returns PromiseLike<string> A promise that resolves to the value of the redirect URL on completion

IEndpointProvider

Interface for an endpoint provider

RetrieveAuthorizationEndpoint

Returns PromiseLike<string> A promise that resolves to the value of the authorization endpoint on completion

RetrieveTokenEndpoint

Returns PromiseLike<string> A promise that resolves to the value of the token endpoint on completion

RetrieveUserInfoEndpoint

Returns PromiseLike<string> A promise that resolves to the value of the user information endpoint on completion

RetrieveTokenRevocationEndpoint

Returns PromiseLike<string> A promise that resolves to the value of the token revocation endpoint on completion

RetrieveJSONWebKeySetEndpoint

Returns PromiseLike<string> A promise that resolves to the value of the JWKS endpoint on completion

RefreshableTokenProvider

The Refresh Token grant type is used by clients to exchange a refresh token for an access token when the access token has expired.

Parameters

  • endpointProvider IEndpointProvider An endpoint provider that provides the URL for the Trimble Identity token endpoint. It can be be OpenIdEndpointProvider/FixedEndpointProvider
  • consumerKey string The consumer key for the calling application
  • consumerSecret string The consumer secret for the calling application

WithProofKeyForCodeExchange

Fluent extension for Authorization Code with PKCE

Parameters

  • codeVerifier string The PKCE code verifier for the calling application

WithConsumerSecret

Fluent extension for Authorization Code with client secret

Parameters

  • consumerSecret string The consumer secret for the calling application

WithAccessToken

Fluent extension for Authorization Code with access token

Parameters

  • accessToken string The access token for the calling application
  • tokenExpiry datetime The access token expiry for the calling application

WithIdToken

Fluent extension for Authorization Code with id token

Parameters

  • idToken string The ID token for the calling application

WithRefreshToken

Fluent extension for Authorization Code with refresh token

Parameters

  • refreshToken string The refresh token for the calling application

WithPersistentStorage

Fluent extension for Authorization Code with persistent storage

Parameters

  • persistentStorage IPersistentStorage The persistent storage method for the calling application

WithLogoutRedirect

Fluent extension to add logout redirect URL

Parameters

RetrieveToken

Retrieves an access token for the authenticated user

  • Throws any Thrown when a token endpoint is not provided by the endpoint provider
  • Throws any Thrown when a call to the token endpoint fails

Returns PromiseLike<string> A Task that resolves to the value of the access token on completion

RetrieveTokenExpiry

Retrieves an access token expiry for the authenticated user

Returns PromiseLike<string> A Task that resolves to the value of the access token expiry on completion

RetrieveIdToken

Retrieves an ID token for the authenticated user

  • Throws any Thrown when a token endpoint is not provided by the endpoint provider
  • Throws any Thrown when a call to the token endpoint fails

Returns PromiseLike<string> A Task that resolves to the value of the ID token on completion

RetrieveRefreshToken

Retrieves a refresh token for the authenticated user

  • Throws any Thrown when a token endpoint is not provided by the endpoint provider
  • Throws any Thrown when a call to the token endpoint fails

Returns PromiseLike<string> A Task that resolves to the value of the refresh token on completion

RevokeRefreshToken

Revokes a refresh token for the authenticated user

  • Throws any Thrown when a token endpoint is not provided by the endpoint provider
  • Throws any Thrown when a call to the token endpoint fails

Returns PromiseLike<void> A Task that revokes refreshtoken

GenerateCodeVerifier

Static method to generate a code verifier

Returns string A code verifier string

ITokenProvider

Interface for a token provider

RetrieveToken

Returns PromiseLike<string> A promise that resolves to the value of the token on completion