The current auth middleware API is
export type AuthProvider = {
updateClientPublicKey(signingKey?: CryptoKeyPair): Promise<void>;
withCreds(httpReq: HttpRequest): Promise<HttpRequest>;
};However, this doesn't have a good way to perform refreshes, or generate an updated DPoP when receiving a DPoP nonce. The middleware needs to have a method that takes an error.
One reason we held off on this is because we want to support both axios and fetch interfaces.
Nice to haves:
- chainable: we can do dpop updates with nonce and refresh token updates as separate objects
- simple to call
- works with both fetch and axios?
Some options:
Aspect oriented:
export type AuthMiddleware = {
onRequest(req: HttpRequest): Promise<HttpRequest>;
onResponse(req: HttpRequest, resp: HttpResponse): Promise<HttpRequest>;
};With sub-object:
export type AuthMiddleware = {
withHandler(resource: string; options: FetchOptions): MiddlewareHandler;
};
export type MiddlewareHandler = {
handle(resp: Promise<Response>): Promise<Response>;
};Interceptors:
export type FetchInterceptor = {
bind(f: typeof window.fetch): typeof window.fetch;
};????
Code Samples: Interceptors
The current auth middleware API is
However, this doesn't have a good way to perform refreshes, or generate an updated DPoP when receiving a DPoP nonce. The middleware needs to have a method that takes an error.
One reason we held off on this is because we want to support both axios and fetch interfaces.
Nice to haves:
Some options:
Aspect oriented:
With sub-object:
Interceptors:
????
Code Samples: Interceptors
???