CtrlK
BlogDocsLog inGet started
Tessl Logo

tessl/maven-io-ktor--ktor-client-auth-js

Ktor client authentication and authorization plugin for JavaScript platforms supporting Basic, Digest, and Bearer token authentication with automatic token refresh

Pending
Overview
Eval results
Files

basic-authentication.mddocs/

Basic Authentication

HTTP Basic authentication provider supporting username/password credentials with optional realm specification, configurable sending behavior, and automatic credential caching with token management.

Capabilities

Basic Authentication Provider Installation

Install the Basic authentication provider with configuration.

/**
 * Installs the client's BasicAuthProvider
 * @param block Configuration block for Basic authentication
 */
fun AuthConfig.basic(block: BasicAuthConfig.() -> Unit)

Usage Example:

import io.ktor.client.*
import io.ktor.client.plugins.auth.*
import io.ktor.client.plugins.auth.providers.*

val client = HttpClient {
    Auth {
        basic {
            credentials {
                BasicAuthCredentials("username", "password")
            }
            realm = "MyRealm"
        }
    }
}

Basic Authentication Configuration

Configuration class for BasicAuthProvider with credential management and sending behavior control.

/**
 * Configuration for BasicAuthProvider
 */
class BasicAuthConfig {
    /**
     * Optional realm specification for the current provider
     */
    var realm: String?
    
    /**
     * Configures authentication credentials provider
     * @param block Suspend function that returns credentials or null
     */
    fun credentials(block: suspend () -> BasicAuthCredentials?)
    
    /**
     * Configures when to send credentials without waiting for HttpStatusCode.Unauthorized
     * @param block Function that determines based on request whether to send credentials proactively
     */
    fun sendWithoutRequest(block: (HttpRequestBuilder) -> Boolean)
}

Usage Examples:

basic {
    // Static credentials
    credentials {
        BasicAuthCredentials("user", "pass")
    }
    
    // Dynamic credentials
    credentials {
        val token = loadFromSecureStorage()
        if (token != null) BasicAuthCredentials(token.username, token.password)
        else null
    }
    
    // Send credentials proactively for specific paths
    sendWithoutRequest { request ->
        request.url.encodedPath.startsWith("/api/")
    }
    
    realm = "ProtectedArea"
}

Basic Authentication Credentials

Container class for Basic authentication credentials.

/**
 * Contains credentials for BasicAuthProvider
 * @param username Username for authentication
 * @param password Password for authentication
 */
class BasicAuthCredentials(
    val username: String,
    val password: String
)

Basic Authentication Provider

Authentication provider implementation for the Basic HTTP authentication scheme.

/**
 * Authentication provider for the Basic HTTP authentication scheme
 * The Basic authentication scheme can be used for logging in users
 */
class BasicAuthProvider(
    private val credentials: suspend () -> BasicAuthCredentials?,
    private val realm: String? = null,
    private val sendWithoutRequestCallback: (HttpRequestBuilder) -> Boolean = { false }
) : AuthProvider {
    
    // Note: clearToken() method is available but marked as @InternalAPI
    
    override fun sendWithoutRequest(request: HttpRequestBuilder): Boolean
    override fun isApplicable(auth: HttpAuthHeader): Boolean
    override suspend fun addRequestHeaders(request: HttpRequestBuilder, authHeader: HttpAuthHeader?)
    override suspend fun refreshToken(response: HttpResponse): Boolean
}

Usage Examples:

import io.ktor.client.*
import io.ktor.client.plugins.auth.*
import io.ktor.client.plugins.auth.providers.*

// Basic setup with static credentials
val client = HttpClient {
    Auth {
        basic {
            credentials {
                BasicAuthCredentials("alice", "password123")
            }
        }
    }
}

// Advanced setup with realm and conditional sending
val advancedClient = HttpClient {
    Auth {
        basic {
            credentials {
                // Load from secure storage or user input
                loadCredentialsFromStorage()
            }
            realm = "AdminArea"
            sendWithoutRequest { request ->
                // Only send for admin API paths
                request.url.encodedPath.startsWith("/admin/")
            }
        }
    }
}

// Note: clearToken() is available as internal API for clearing cached credentials

Authentication Flow

  1. Initial Request: If sendWithoutRequest returns true, credentials are added proactively
  2. 401 Response: When server responds with 401 Unauthorized, provider checks isApplicable()
  3. Realm Matching: Provider validates realm from WWW-Authenticate header matches configured realm
  4. Token Refresh: refreshToken() is called to refresh cached credentials
  5. Retry Request: Request is retried with authentication headers
  6. Circuit Breaker: If request contains AuthCircuitBreaker attribute, authentication is skipped

Install with Tessl CLI

npx tessl i tessl/maven-io-ktor--ktor-client-auth-js

docs

basic-authentication.md

bearer-authentication.md

digest-authentication.md

index.md

plugin-configuration.md

tile.json