This API documentation is for Ballerina 1.2.0. View API documentation for the latest release.

Functions - auth

checkForScopeMatch

Checks whether the scopes of the user match the scopes of the resource.

extractUsernameAndPassword

Extracts the username and the password from the base64-encoded username:password value.

setAuthenticationContext

Sets the authentication-related values (scheme, auth token) to the authentication context of the invocation context.

setPrincipal

Sets the authentication-related values (user ID, username, scopes, claims) to the principal of the invocation context.

checkForScopeMatch

(string[] | string[][] resourceScopes, string[] userScopes, string authzCacheKey, Cache? positiveAuthzCache, Cache? negativeAuthzCache)

returns boolean

Checks whether the scopes of the user match the scopes of the resource.

Parameters

  • resourceScopes string[] | string[][]
  • Scopes of the resource

  • userScopes string[]
  • Scopes of the user

  • authzCacheKey string
  • Authorization cache key

  • positiveAuthzCache Cache?
  • The cache:Cache for positive authorizations

  • negativeAuthzCache Cache?
  • The cache:Cache for negative authorizations

  • Return Type

    (boolean)
  • true if there is a match between the resource and user scopes or else false otherwise

extractUsernameAndPassword

(string credential)

returns [string, string] | Error

Extracts the username and the password from the base64-encoded username:password value.

 [string, string]|auth:Error [username, password] = auth:extractUsernameAndPassword("<credential>");

Parameters

  • credential string
  • Base64-encoded username:password value

  • Return Type

    ([string, string] | Error)
  • A string tuple with the extracted username and password or else an auth:Error occurred while extracting credentials

setAuthenticationContext

(string scheme, string authToken)

Sets the authentication-related values (scheme, auth token) to the authentication context of the invocation context.

 auth:setAuthenticationContext("jwt", "<credential>");

Parameters

  • scheme string
  • Auth scheme (JWT, LDAP, OAuth2, Basic, etc.)

  • authToken string
  • Auth token (credential)

setPrincipal

(string? userId, string? username, string[]? scopes, map<any> claims)

Sets the authentication-related values (user ID, username, scopes, claims) to the principal of the invocation context.

Parameters

  • userId string? (default ())
  • User ID of the authenticated user

  • username string? (default ())
  • Username of the authenticated user

  • scopes string[]? (default ())
  • Authenticated user scopes

  • claims map<any> (default ())
  • Claims of the authenticated user