# Table of Contents
Table of Contents
- AuthorizationCodeGrantTokenProvider
- IEndpointProvider
- RetrieveAuthorizationEndpoint
- RetrieveTokenEndpoint
- RetrieveUserInfoEndpoint
- RetrieveTokenRevocationEndpoint
- RetrieveJSONWebKeySetEndpoint
- RefreshableTokenProvider
- ITokenProvider
- RetrieveToken
AuthorizationCodeGrantTokenProvider
Extends RefreshableTokenProvider
The Authorization Code grant type is intended to be used by user-facing web applications with a server-side component. When the user grants authorization, the Identity authorization endpoint provides the client with a short-lived authorization code through a browser redirect. The client subsequently exchanges the authorization_code for an access_token. The Authorization Code with Proof Key for Code Exchange (PKCE) flow is an extension of the Authorization Code grant flow. Along with the request, the client application sends code_challenge and code_challenge_method.
constructor
Public constructor for AuthorizationCodeGrantTokenProvider class
Parameters
endpointProviderIEndpointProvider An endpoint provider that provides the URL for the Trimble Identity authorization and token endpoints.
It can be OpenIdEndpointProvider/FixedEndpointProviderconsumerKeystring The consumer key for the calling applicationredirectUrlstring The URL to which Trimble Identity should redirect after successfully authenticating a user
WithScopes
Fluent extension to add scopes
Parameters
scopesIEnumerable<string> The scopes to add to the token provider
Returns this
WithLogoutRedirect
Fluent extension to add logout redirect URL
Parameters
logoutRedirectUrlstring
Returns this
WithIdentityProvider
Fluent extension to add identity provider
Parameters
identityProviderstring
Returns this
GetOAuthRedirect
Get a redirect URL for Trimble Identity
Parameters
statestring An optional state parameter that will be passed back to the caller via the redirect URL
- Throws any Thrown when an authorization endpoint is not provided by the endpoint provider
Returns PromiseLike<string> A promise that resolves to the redirect URL
ValidateQuery
Validate the query parameters passed back to the application by Trimble Identity
Parameters
querystring The query string from the URL
- Throws any Thrown when a token endpoint is not provided by the endpoint provider
- Throws any Thrown when a call to the token endpoint fails
Returns PromiseLike<boolean> A promise that resolves to true if the query string is valid
ValidateCode
Validate the code passed back to the application by Trimble Identity
Parameters
codestring from the URL
- Throws any Thrown when a token endpoint is not provided by the endpoint provider
- Throws any Thrown when a call to the token endpoint fails
Returns PromiseLike<boolean> A promise that resolves to true if the code is valid
GetOAuthLogoutRedirect
Return a redirect URL to log out of all Trimble Identity applications
Parameters
statestring An optional state parameter that will be passed back to the caller via the redirect URL
Returns PromiseLike<string> A promise that resolves to the value of the redirect URL on completion
IEndpointProvider
Interface for an endpoint provider
RetrieveAuthorizationEndpoint
Returns PromiseLike<string> A promise that resolves to the value of the authorization endpoint on completion
RetrieveTokenEndpoint
Returns PromiseLike<string> A promise that resolves to the value of the token endpoint on completion
RetrieveUserInfoEndpoint
Returns PromiseLike<string> A promise that resolves to the value of the user information endpoint on completion
RetrieveTokenRevocationEndpoint
Returns PromiseLike<string> A promise that resolves to the value of the token revocation endpoint on completion
RetrieveJSONWebKeySetEndpoint
Returns PromiseLike<string> A promise that resolves to the value of the JWKS endpoint on completion
RefreshableTokenProvider
The Refresh Token grant type is used by clients to exchange a refresh token for an access token when the access token has expired.
Parameters
endpointProviderIEndpointProvider An endpoint provider that provides the URL for the Trimble Identity token endpoint. It can be be OpenIdEndpointProvider/FixedEndpointProviderconsumerKeystring The consumer key for the calling applicationconsumerSecretstring The consumer secret for the calling application
WithProofKeyForCodeExchange
Fluent extension for Authorization Code with PKCE
Parameters
codeVerifierstring The PKCE code verifier for the calling application
WithConsumerSecret
Fluent extension for Authorization Code with client secret
Parameters
consumerSecretstring The consumer secret for the calling application
WithAccessToken
Fluent extension for Authorization Code with access token
Parameters
accessTokenstring The access token for the calling applicationtokenExpirydatetime The access token expiry for the calling application
WithIdToken
Fluent extension for Authorization Code with id token
Parameters
idTokenstring The ID token for the calling application
WithRefreshToken
Fluent extension for Authorization Code with refresh token
Parameters
refreshTokenstring The refresh token for the calling application
WithPersistentStorage
Fluent extension for Authorization Code with persistent storage
Parameters
persistentStorageIPersistentStorage The persistent storage method for the calling application
WithLogoutRedirect
Fluent extension to add logout redirect URL
Parameters
logoutRedirectUrlstring
RetrieveToken
Retrieves an access token for the authenticated user
- Throws any Thrown when a token endpoint is not provided by the endpoint provider
- Throws any Thrown when a call to the token endpoint fails
Returns PromiseLike<string> A Task that resolves to the value of the access token on completion
RetrieveTokenExpiry
Retrieves an access token expiry for the authenticated user
Returns PromiseLike<string> A Task that resolves to the value of the access token expiry on completion
RetrieveIdToken
Retrieves an ID token for the authenticated user
- Throws any Thrown when a token endpoint is not provided by the endpoint provider
- Throws any Thrown when a call to the token endpoint fails
Returns PromiseLike<string> A Task that resolves to the value of the ID token on completion
RetrieveRefreshToken
Retrieves a refresh token for the authenticated user
- Throws any Thrown when a token endpoint is not provided by the endpoint provider
- Throws any Thrown when a call to the token endpoint fails
Returns PromiseLike<string> A Task that resolves to the value of the refresh token on completion
RevokeRefreshToken
Revokes a refresh token for the authenticated user
- Throws any Thrown when a token endpoint is not provided by the endpoint provider
- Throws any Thrown when a call to the token endpoint fails
Returns PromiseLike<void> A Task that revokes refreshtoken
GenerateCodeVerifier
Static method to generate a code verifier
Returns string A code verifier string
ITokenProvider
Interface for a token provider
RetrieveToken
Returns PromiseLike<string> A promise that resolves to the value of the token on completion