Type Alias: OAuthOptions
OAuthOptions =
object
Defined in: http-server-auth/src/types.ts:46
Properties
mapPayload?
optionalmapPayload?: (payload,ctx) =>AuthenticatedUser|null
Defined in: http-server-auth/src/types.ts:65
Maps the verified payload to an AuthenticatedUser. Defaults to the payload
itself with id taken from sub, so claims like scope remain available
on ctx.state.user.
Parameters
| Parameter | Type |
|---|---|
payload | Record<string, unknown> |
ctx | Context |
Returns
AuthenticatedUser | null
requiredScopes?
optionalrequiredScopes?:string[]
Defined in: http-server-auth/src/types.ts:74
Scopes that must all be present on the token, else 403.
verify may return either scope: string (space-separated JWT claim) or
scopes: string[]; both are normalised internally.
verify
verify: (
token,ctx) =>Promise<Record<string,unknown> |null> |Record<string,unknown> |null
Defined in: http-server-auth/src/types.ts:56
Verifies a Bearer token issued by an OAuth provider (Cognito, Auth0,
Keycloak, your own authorization server, …). Resolve with the verified
payload, return null, or throw to reject — both rejection forms yield a
401. Wrap a provider SDK here (e.g. CognitoJwtVerifier from
@ttoss/auth-core/amazon-cognito) to keep this package provider-agnostic.
Receives the Koa ctx as a second argument for request-scoped work.
Parameters
| Parameter | Type |
|---|---|
token | string |
ctx | Context |
Returns
Promise<Record<string, unknown> | null> | Record<string, unknown> | null