Graphorin API reference v0.1.0
Graphorin API reference / @graphorin/security / / OAuthClient
Interface: OAuthClient
Defined in: packages/security/src/oauth/types.ts:233
Public surface of the createOAuthClient factory. Each method accepts an AbortSignal so callers can cancel mid-flow.
Stable
Properties
| Property | Modifier | Type | Description | Defined in |
|---|---|---|---|---|
metadata | readonly | | DiscoveredMetadata | undefined | Cached metadata; the field reflects the latest known state. | packages/security/src/oauth/types.ts:239 |
registration | readonly | | OAuthRegistration | undefined | Cached registration; the field reflects the latest known state. | packages/security/src/oauth/types.ts:237 |
serverId | readonly | string | - | packages/security/src/oauth/types.ts:234 |
serverUrl | readonly | string | - | packages/security/src/oauth/types.ts:235 |
Methods
authorizeCode()
authorizeCode(opts?): Promise<OAuthSession>;Defined in: packages/security/src/oauth/types.ts:256
Run the Authorization Code + PKCE flow.
Parameters
| Parameter | Type |
|---|---|
opts? | AuthorizeCodeOptions |
Returns
Promise<OAuthSession>
authorizeDevice()
authorizeDevice(opts?): Promise<OAuthSession>;Defined in: packages/security/src/oauth/types.ts:258
Run the Device Authorization Grant.
Parameters
| Parameter | Type |
|---|---|
opts? | AuthorizeDeviceOptions |
Returns
Promise<OAuthSession>
discover()
discover(opts?): Promise<DiscoveredMetadata>;Defined in: packages/security/src/oauth/types.ts:242
Run discovery. Returns the cached value when available.
Parameters
| Parameter | Type |
|---|---|
opts? | { force?: boolean; signal?: AbortSignal; } |
opts.force? | boolean |
opts.signal? | AbortSignal |
Returns
Promise<DiscoveredMetadata>
refresh()
refresh(opts?): Promise<OAuthSession>;Defined in: packages/security/src/oauth/types.ts:265
Refresh the access token. Reuses the in-flight refresh promise when one is already running, so concurrent callers all observe the same network round-trip.
Parameters
| Parameter | Type |
|---|---|
opts? | { force?: boolean; signal?: AbortSignal; } |
opts.force? | boolean |
opts.signal? | AbortSignal |
Returns
Promise<OAuthSession>
registerClient()
registerClient(opts?): Promise<DynamicClientRegistrationResult>;Defined in: packages/security/src/oauth/types.ts:248
Run Dynamic Client Registration. The metadata's registration_endpoint must be set; the call rejects with OAuthRegistrationUnsupportedError otherwise.
Parameters
| Parameter | Type |
|---|---|
opts? | { clientName?: string; redirectUris?: readonly string[]; scope?: string; signal?: AbortSignal; } |
opts.clientName? | string |
opts.redirectUris? | readonly string[] |
opts.scope? | string |
opts.signal? | AbortSignal |
Returns
Promise<DynamicClientRegistrationResult>
revoke()
revoke(opts?): Promise<void>;Defined in: packages/security/src/oauth/types.ts:267
Revoke the current session against the discovered revocation endpoint.
Parameters
| Parameter | Type |
|---|---|
opts? | { reason?: string; signal?: AbortSignal; } |
opts.reason? | string |
opts.signal? | AbortSignal |
Returns
Promise<void>
status()
status(): Promise<
| OAuthSessionMetadata
| null>;Defined in: packages/security/src/oauth/types.ts:269
Audit-safe metadata view. Returns null when no session is stored.
Returns
Promise< | OAuthSessionMetadata | null>