Class WLAuthorizationManager
WLAuthorizationManager
- JavaScript File:
- wlauthorizationmanager.js
- Description:
- The
WLAuthorizationManager
class is instantiated as a singleton and can be used anywhere in the application to obtain the client ID and authorization header. It is also called internally to handle MobileFirst OAuth-based security model protocol.All functions of the authorization manager are asynchronous and return a promise object.
The
WLAuthorizationManager
andWLResourceRequest
classes are supported for the following hybrid environments only: Android, iOS, Windows Phone 8 and Window 8.
Constructor Attributes | Constructor Name and Description |
---|---|
Method Attributes | Method Name and Description |
---|---|
addCachedAuthorizationHeader(request)
Adds a cached authorization header to the request.
|
|
Obtains application identity.
|
|
getAuthorizationScope(responseAuthenticationHeader)
Parses the authentication header and retrieves the authorization scope.
|
|
Returns cached authorization header.
|
|
Obtains device identity.
|
|
Obtains user identity.
|
|
isAuthorizationRequired(responseStatus, responseAuthenticationHeader)
Determines whether authorization is required or not.
|
|
obtainAuthorizationHeader(scope)
Obtains the authorization header for the specified scope.
|
|
setAuthorizationPersistencePolicy(authorizationPersistencePolicy)
Sets the authorization persistence policy, which defines how the authorization information is persisted on the device.
|
Method Detail
addCachedAuthorizationHeader
addCachedAuthorizationHeader(request)
Adds a cached authorization header to the request. As this function is asynchronous, you
use the returned promise for completing the flow.
- Parameters:
-
{Object}
request
- Mandatory. A request object. This object should expose the
setRequestHeader
function.
- Returns:
- Promise object.
- Example:
var xhr = new XMLHttpRequest();
WLAuthorizationManager.addCachedAuthorizationHeader(xhr)
.always(
function(response) {
// success or failure flow
}
);
getAppIdentity
getAppIdentity()
Obtains application identity. The identity is returned via deferred callback.
- Returns:
- Promise object. The methods calls either success or failure callbacks and passes the application identity as a string or error.
- Example:
WLAuthorizationManager.getAppIdentity()
.then(
function(data) {
// success flow with application identity
},
function(error) {
// failure flow with error
}
);
getAuthorizationScope
getAuthorizationScope(responseAuthenticationHeader)
Parses the authentication header and retrieves the authorization scope.
- Parameters:
- {String} responseAuthenticationHeader - Mandatory. Specifies a string containing an authorization header value (usually the value of header 'WWW-Authenticate'), returned with a response from the server.
- Returns:
- A string containing authorization scope.
getCachedAuthorizationHeader
getCachedAuthorizationHeader()
Returns cached authorization header.
- Returns:
- A promise object that can be used to receive the header asynchronously. The header is sent as a string.
- Example:
WLAuthorizationHeader.getCachedAuthorizationHeader()
.then(
function(response) {
// success flow
},
function(error) {
// error flow
}
);
getDeviceIdentity
getDeviceIdentity()
Obtains device identity. The identity is returned via deferred callback.
- Returns:
- Promise object. The methods calls either success or failure callbacks and passes the device identity as a string or error.
- Example:
WLAuthorizationManager.getDeviceIdentity()
.then(
function(data) {
// success flow with device identity
},
function(error) {
// failure flow with error
}
);
getUserIdentity
getUserIdentity()
Obtains user identity. The identity is returned via deferred callback.
- Returns:
- Promise object. The methods calls either success or failure callbacks and passes the user identity as a string or error.
- Example:
WLAuthorizationManager.getUserIdentity()
.then(
function(data) {
// success flow with user identity
},
function(error) {
// failure flow with error
}
);
isAuthorizationRequired
isAuthorizationRequired(responseStatus, responseAuthenticationHeader)
Determines whether authorization is required or not.
- Parameters:
- {Integer} responseStatus - Mandatory. Specifies the response status code returned from the server.
- {String} responseAuthenticationHeader - Mandatory. Specifies a string containing an authorization header value (usually the value of header 'WWW-Authenticate'), returned with a response from the server.
- Returns:
- A boolean value, indicating whether authorization is required (
true
), or not (false
).
obtainAuthorizationHeader
obtainAuthorizationHeader(scope)
Obtains the authorization header for the specified scope.
- Parameters:
- {String} scope - Optional. Specifies the scope to obtain an authorization header for.
- Returns:
- A promise object that can be used to receive the authorization header asynchronously. The header is sent as a string.
- Example:
WLAuthorizationManager.obtainAuthorizationHeader(scope)
.then (
function(header) {
// success flow with the header
},
function(error) {
// failure flow
}
};
setAuthorizationPersistencePolicy
setAuthorizationPersistencePolicy(authorizationPersistencePolicy)
Sets the authorization persistence policy, which defines how the authorization information is persisted on the device.
It can be set to one of the following values:
WLAuthorizarionManager.ALWAYS
, which stores the authorization data on the device and the user is not required to authenticate on subsequent application launches.WLAuthorizarionManager.NEVER
, which maintains the authorization data in the memory and the user will be authenticated on each application run.
- Parameters:
- authorizationPersistencePolicy - Mandatory. Specifies the new policy to set.
- Returns:
- A promise object, because this operation is asynchronous.
- Deprecated:
- In MobileFirst Platform 7.1, persisting authorization headers on the client side has no effect, since the MobileFirst server persists the security data across sessions.
© Copyright IBM Corp. 2011, 2015.