Class: AppAuthSession

AppAuthSession(type, id, config, tokenManager, tokenStoreopt)

App Auth Box API Session. The App Auth API Session holds an accessToken for an app user or enterprise, which it returns to the client so that it may make calls on behalf of these entities. These access tokens will be refreshed in the background if a request is made within the "stale buffer" (defaults to 10 minutes before the token is set to expire). If the token is also expired, all incoming requests will be held until a fresh token is retrieved.

Constructor

new AppAuthSession(type, id, config, tokenManager, tokenStoreopt)

Parameters:
Name Type Attributes Description
type string The type of the entity to authenticate the app auth session as, "user" or "enterprise"
id string The Box ID of the entity to authenticate as
config Config The SDK configuration options
tokenManager TokenManager The TokenManager
tokenStore TokenStore <optional>
 The token store instance to use for caching token info
Source:

Methods

(private) _refreshAppAuthAccessToken(optionsopt) → {Promise.<string>}

Initiate a refresh of the app auth access tokens. New tokens should be passed to the caller, and then cached for later use.
Parameters:
Name Type Attributes Description
options TokenRequestOptions <optional>
 Sets optional behavior for the token grant
Source:
Returns:
Promise resolving to the access token
Type
Promise.<string>

(private) _refreshAppAuthAccessToken(optionsopt) → {Promise.<string>}

Initiate a refresh of the app auth access tokens. New tokens should be passed to the caller, and then cached for later use.
Parameters:
Name Type Attributes Description
options TokenRequestOptions <optional>
 Sets optional behavior for the token grant
Source:
Returns:
Promise resolving to the access token
Type
Promise.<string>

exchangeToken(scopes, resourceopt, optionsopt) → {Promise.<TokenInfo>}

Exchange the client access token for one with lower scope
Parameters:
Name Type Attributes Description
scopes string | Array.<string> The scope(s) requested for the new token
resource string <optional>
 The absolute URL of an API resource to scope the new token to
options Object <optional>
 Optional parameters
Properties
Name Type Attributes Description
tokenRequestOptions TokenRequestOptions <optional>
 Sets optional behavior for the token grant
actor ActorParams <optional>
 Optional actor parameters for creating annotator tokens
Source:
Returns:
Promise resolving to the new token info
Type
Promise.<TokenInfo>

exchangeToken(scopes, resourceopt, optionsopt) → {Promise.<TokenInfo>}

Exchange the client access token for one with lower scope
Parameters:
Name Type Attributes Description
scopes string | Array.<string> The scope(s) requested for the new token
resource string <optional>
 The absolute URL of an API resource to scope the new token to
options Object <optional>
 Optional parameters
Properties
Name Type Attributes Description
tokenRequestOptions TokenRequestOptions <optional>
 Sets optional behavior for the token grant
actor ActorParams <optional>
 Optional actor parameters for creating annotator tokens
Source:
Returns:
Promise resolving to the new token info
Type
Promise.<TokenInfo>

getAccessToken(optionsopt) → {Promise.<string>}

Produces a valid, app auth access token. Performs a refresh before returning if the current token is expired. If the current token is considered stale but still valid, return the current token but initiate a new refresh in the background.
Parameters:
Name Type Attributes Description
options TokenRequestOptions <optional>
 Sets optional behavior for the token grant
Source:
Returns:
Promise resolving to the access token
Type
Promise.<string>

getAccessToken(optionsopt) → {Promise.<string>}

Produces a valid, app auth access token. Performs a refresh before returning if the current token is expired. If the current token is considered stale but still valid, return the current token but initiate a new refresh in the background.
Parameters:
Name Type Attributes Description
options TokenRequestOptions <optional>
 Sets optional behavior for the token grant
Source:
Returns:
Promise resolving to the access token
Type
Promise.<string>

handleExpiredTokensError(err) → {Promise.<Error>}

Handle an an "Expired Tokens" Error. If our tokens are expired, we need to clear the token store (if present) before continuing.
Parameters:
Name Type Description
err Errors~ExpiredTokensError An "expired tokens" error including information about the request/response.
Source:
Returns:
Promise resolving to an error. This will usually be the original response error, but could an error from trying to access the token store as well.
Type
Promise.<Error>

handleExpiredTokensError(err) → {Promise.<Error>}

Handle an an "Expired Tokens" Error. If our tokens are expired, we need to clear the token store (if present) before continuing.
Parameters:
Name Type Description
err Errors~ExpiredTokensError An "expired tokens" error including information about the request/response.
Source:
Returns:
Promise resolving to an error. This will usually be the original response error, but could an error from trying to access the token store as well.
Type
Promise.<Error>

revokeTokens(optionsopt) → {Promise}

Revokes the app auth token used by this session, and clears the saved tokenInfo.
Parameters:
Name Type Attributes Description
options TokenRequestOptions <optional>
 Sets optional behavior for the token grant
Source:
Returns:
Promise resolving if the revoke succeeds
Type
Promise

revokeTokens(optionsopt) → {Promise}

Revokes the app auth token used by this session, and clears the saved tokenInfo.
Parameters:
Name Type Attributes Description
options TokenRequestOptions <optional>
 Sets optional behavior for the token grant
Source:
Returns:
Promise resolving if the revoke succeeds
Type
Promise