An Authenticator class for the OAuth 2.0 Client Credentials grant.

Hierarchy (view full)

Constructors

Properties

_accessToken?: string
_expires?: number

Accessors

  • get accessToken(): Promise<undefined | string>
  • Promise that will resolve with an access token if available or undefined otherwise. This will try to fetch a new access token if:

    Returns Promise<undefined | string>

Methods

  • Discards the currently stored access token, both in memory and from the token cache, so that the next read of accessToken fetches a fresh one. Used to recover from a token that the server rejected (HTTP 401) even though it had not yet expired client-side. Any authentication that is already in flight is left untouched - joining it still yields a fresh token.

    Returns void

  • Registers authentication as the in-flight authentication so that other callers of accessToken wait for it instead of starting their own. The in-flight marker is cleared as soon as the promise settles - whether it resolves or rejects - so a failure never deadlocks subsequent authentication attempts. Rejections are propagated to callers.

    Used both for authentications started by the accessToken getter and for flows that obtain a token out-of-band (e.g. the PKCE callback trading a code for a token).

    Parameters

    • authentication: Promise<undefined | string>

    Returns Promise<undefined | string>