Kernel::WebApp::Controller::API::Role::HandlesTokens

NAME

Kernel::WebApp::Controller::API::Role::HandlesTokens – Role that provides methods to deal with access-tokens.

PUBLIC INTERFACE

has AuthenticatedUserLogin

This attribute provides the user login of the currently authenticated user.

has AuthenticatedUserID

This attribute provides the user ID of the currently authenticated user.

has DevAuthFakeHeader

This attribute provides the fake header used to authenticate in development mode.

ProcessToken()

Reads the token from the current request and validates it, stores the logged-in user in AuthenticatedUserLogin, and updates the last access time on the token record in the DB if needed.

AllowCookieAuthentication()

Specifies whether the endpoint is allowed to receive the authentication token in a cookie (defaults to not allowed). This can be overridden in endpoints where normal token-header-based authentication is not possible.

AccessToken()

Returns the current access-token for the request. It first checks the 'Authorization' header. Then, if the token is not present there and the endpoint allows cookie-based authentication, it checks for the cookie whose name is specified in 'AccessTokenCookieName'.

    my $AccessToken = $Self->AccessToken();

Returns

    K::S::AccessToken::Token - in case it exists and is valid.
    undef                    - in case it is not present in the request headers or is invalid.
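
The lookup order that AccessToken() describes, written out as an added example; this is not the module's own code. The function name ResolveRawToken, the hash-based request, the "Bearer" scheme in the header and the cookie name ExampleAccessToken are assumptions made for illustration.

```perl
use strict;
use warnings;

# Added illustration, not the module's code. Assumptions: headers and cookies
# arrive as plain hashes, the header carries "Bearer <token>", and
# 'ExampleAccessToken' stands in for the value of AccessTokenCookieName.
sub ResolveRawToken {
    my (%Param) = @_;

    my $Headers = $Param{Headers} || {};
    my $Cookies = $Param{Cookies} || {};

    # 1. The 'Authorization' header is always checked first.
    my $Header = $Headers->{Authorization} // '';
    if ( $Header =~ m{\A Bearer [ ]+ (\S+) \s* \z}xms ) {
        return ( $1, 'header' );
    }

    # 2. Cookie fallback only when the endpoint opted in (default: not allowed).
    return if !$Param{AllowCookieAuthentication};

    my $Cookie = $Cookies->{ $Param{CookieName} // '' };
    return if !defined $Cookie || $Cookie eq '';

    return ( $Cookie, 'cookie' );
}

# Constructed sample requests: [ label, headers, cookies, endpoint allows cookie ].
my %Auth   = ( Authorization      => 'Bearer aaa.bbb.ccc' );
my %Cookie = ( ExampleAccessToken => 'ddd.eee.fff' );
my @Cases  = (
    [ 'header only',          \%Auth, {},       0 ],
    [ 'cookie, not allowed',  {},     \%Cookie, 0 ],
    [ 'cookie, allowed',      {},     \%Cookie, 1 ],
    [ 'both, cookie allowed', \%Auth, \%Cookie, 1 ],
);

for my $Case (@Cases) {
    my ( $Name, $Headers, $Cookies, $Allow ) = @{$Case};
    my ( $Token, $Source ) = ResolveRawToken(
        Headers                   => $Headers,
        Cookies                   => $Cookies,
        CookieName                => 'ExampleAccessToken',
        AllowCookieAuthentication => $Allow,
    );
    printf "%-22s => %s\n", $Name, defined $Token ? "$Token (from $Source)" : 'undef';
}
```

The string returned here is only the raw token; it still has to pass validation, as IsAccessTokenValid() provides, before a user is treated as authenticated.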

IsAccessTokenValid()

Checks if the JWT token is valid.

    my $AccessToken = $Self->IsAccessTokenValid(
        Token => '...' # jwt-token
    );

Returns

    K::S::AccessToken::Token - in case it exists and is valid.
    undef                    - in case it is invalid.

GenerateAccessToken()

Generates a new access-token.

    my $AccessToken = $Self->GenerateAccessToken(
        Username => '...' # the user for whom the token will be generated.
    );

Returns

    K::S::AccessToken::Token - in case it was successfully generated.
    undef                    - in case any error occurs.

InvalidateAccessToken()

Deletes the current access-token (if any).

    my $Result = $Self->InvalidateAccessToken();

Returns

    1     - in case the access-token was successfully deleted or there isn't any in the current request.
    undef - in case any error occurs.

AccessTokenUserType()

Returns the user type that will be used to create the access-token.

AccessTokenFakeHeader

Specifies the name of the header that can be set to bypass the authentication (available only in development).

AccessTokenCookieName

Specifies the name of the cookie in which the authentication token is stored.

PRIVATE INTERFACE

has _AccessToken

Attribute that holds the current access-token for the request.
