@inrupt/solid-client-authn-node / Session

Class: Session#

A Session object represents a user’s session on an application. The session holds state, as it stores information enabling acces to private resources after login for instance.

Implements#

  • IHasSessionEventListener

Constructors#

constructor#

new Session(sessionOptions?, sessionId?): Session

Session object constructor. Typically called as follows:

const session = new Session(
  {
    clientAuthentication: getClientAuthenticationWithDependencies({})
  },
  "mySession"
);

Parameters#

Name

Type

Default value

Description

sessionOptions

Partial<ISessionOptions>

{}

The options enabling the correct instantiation of the session. Either both storages or clientAuthentication are required. For more information, see ISessionOptions.

sessionId

undefined | string

undefined

A string uniquely identifying the session.

Returns#

Session

Defined in#

packages/node/src/Session.ts:119

Properties#

clientAuthentication#

Private clientAuthentication: default

Defined in#

packages/node/src/Session.ts:96


events#

Readonly events: ISessionEventListener

Session attribute exposing the EventEmitter interface, to listen on session events such as login, logout, etc.

Since

1.14.0

Implementation of#

IHasSessionEventListener.events

Defined in#

packages/node/src/Session.ts:94


fetch#

fetch: (input: RequestInfo | URL, init?: RequestInit) => Promise<Response>(input: string | Request | URL, init?: RequestInit) => Promise<Response>

Type declaration#

▸ (input, init?): Promise<Response>

Fetches data using available login information. If the user is not logged in, this will behave as a regular fetch. The signature of this method is identical to the canonical fetch.

Parameters#

Name

Type

Description

input

RequestInfo | URL

-

init?

RequestInit

Optional parameters customizing the request, by specifying an HTTP method, headers, a body, etc. Follows the WHATWG Fetch Standard.

Returns#

Promise<Response>

▸ (input, init?): Promise<Response>

Fetches data using available login information. If the user is not logged in, this will behave as a regular fetch. The signature of this method is identical to the canonical fetch.

Parameters#

Name

Type

Description

input

string | Request | URL

-

init?

RequestInit

Optional parameters customizing the request, by specifying an HTTP method, headers, a body, etc. Follows the WHATWG Fetch Standard.

Returns#

Promise<Response>

Defined in#

packages/node/src/Session.ts:199


info#

Readonly info: ISessionInfo

Information regarding the current session.

Defined in#

packages/node/src/Session.ts:87


lastTimeoutHandle#

Private lastTimeoutHandle: number = 0

Defined in#

packages/node/src/Session.ts:100


tokenRequestInProgress#

Private tokenRequestInProgress: boolean = false

Defined in#

packages/node/src/Session.ts:98

Methods#

handleIncomingRedirect#

handleIncomingRedirect(url): Promise<undefined | ISessionInfo>

Completes the login process by processing the information provided by the identity provider through redirect.

Parameters#

Name

Type

Description

url

string

The URL of the page handling the redirect, including the query parameters — these contain the information to process the login.

Returns#

Promise<undefined | ISessionInfo>

Defined in#

packages/node/src/Session.ts:264


internalLogout#

internalLogout(emitEvent, options?): Promise<void>

Parameters#

Name

Type

emitEvent

boolean

options?

ILogoutOptions

Returns#

Promise<void>

Defined in#

packages/node/src/Session.ts:246


login#

login(options?): Promise<void>

Triggers the login process. Note that this method will redirect the user away from your app.

Parameters#

Name

Type

Description

options?

ILoginInputOptions

Parameter to customize the login behaviour. In particular, two options are mandatory: options.oidcIssuer, the user’s identity provider, and options.redirectUrl, the URL to which the user will be redirected after logging in their identity provider.

Returns#

Promise<void>

This method should redirect the user away from the app: it does not return anything. The login process is completed by handleIncomingRedirect.

Defined in#

packages/node/src/Session.ts:173


logout#

logout(options?): Promise<void>

Logs the user out of the application.

There are 2 types of logout supported by this library, app logout and idp logout.

App logout will log the user out within the application by clearing any session data from the browser. It does not log the user out of their Solid identity provider, and should not redirect the user away. App logout can be performed as follows:

await session.logout({ logoutType: 'app' });

IDP logout will log the user out of their Solid identity provider, and will redirect the user away from the application to do so. In order for users to be redirected back to postLogoutUrl you MUST include the postLogoutUrl value in the post_logout_redirect_uris field in the Client ID Document. IDP logout can be performed as follows:

await session.logout({
 logoutType: 'idp',
 // An optional URL to redirect to after logout has completed;
 // this MUST match a logout URL listed in the Client ID Document
 // of the application that is logged in.
 // If the application is logged in with a Client ID that is not
 // a URI dereferencing to a Client ID Document then users will
 // not be redirected back to the `postLogoutUrl` after logout.
 postLogoutUrl: 'https://example.com/logout',
 // An optional value to be included in the query parameters
 // when the IDP provider redirects the user to the postLogoutRedirectUrl.
 state: "my-state"
});

Parameters#

Name

Type

options?

ILogoutOptions

Returns#

Promise<void>

Defined in#

packages/node/src/Session.ts:243