Skip to main content

Module auth

Module auth 

Source
Expand description

Bearer auth and User Signup. Client-side bearer auth: requesting, caching, and presenting the BearerAuthTokens used to authenticate against Lexe-run services.

A BearerAuthenticator holds the credential a client authenticates with and hands out fresh tokens on demand, scoped by LexeScope:

  • Ephemeral holds a user key pair and mints a fresh, short-lived token whenever one is needed, caching the latest token per scope so repeated calls are cheap.
  • Static holds a single pre-minted, long-lived token of a fixed scope (e.g. a client credential’s GatewayProxy token); it can serve any request whose scope it covers, but cannot mint new tokens.

Modules§

helpers
Bearer auth helpers.

Enums§

BearerAuthenticator
Hands out fresh BearerAuthTokens for a given LexeScope, caching them until they expire. See the module docs for the two variants.

Constants§

DEFAULT_USER_TOKEN_LIFETIME_SECS
LONG_LIVED_GATEWAY_PROXY_TOKEN_LIFETIME_SECS
Lifetime of the long-lived LexeScope::GatewayProxy token.