Skip to main content

Function: authMiddleware()

authMiddleware(options): (ctx, next) => Promise<void>

Defined in: http-server-auth/src/authMiddleware.ts:173

Koa middleware that authenticates requests via Bearer token. Supports JWT, hashed API tokens, a shared system secret, and OAuth provider tokens (the oauth strategy — the resource-server role). Sets ctx.state.user and ctx.state.authStrategy on success; emits 401 (with a WWW-Authenticate header, RFC 9728 when resourceMetadataUrl is set) for missing/invalid tokens, and 403 when a verified token is missing a required scope.

Parameters

ParameterType
optionsAuthMiddlewareOptions

Returns

(ctx, next) => Promise<void>