Authentication Manager

Manages OAuth authentication and token refresh for the Athena gRPC client. Handles acquiring and refreshing access tokens using the OAuth client credentials flow.

Main features: - Supports OAuth client credentials grant - Handles token refresh and decoding - Integrates with Athena gRPC client

Usage Example:

import { AuthenticationManager } from '@crispthinking/athena-classifier-sdk';
const auth = new AuthenticationManager({
    clientId: 'your-client-id',
    clientSecret: 'your-client-secret',
});

Required:

  • clientId: OAuth client ID

  • clientSecret: OAuth client secret

Optional:

  • issuerUrl: URL of the OAuth issuer

  • audience: OAuth audience to request. Defaults to the live environment if not specified.

  • autoRefresh: Whether to automatically refresh the access token

  • scope: OAuth scope to request. Defaults to all granted scopes.

class AuthenticationManager  [source]

Manages OAuth authentication and token refresh for the Athena gRPC client. Handles acquiring and refreshing access tokens using the OAuth client credentials flow.

Constructor(options: AuthenticationOptions)

Creates a new AuthenticationManager with the provided options.

Parameters

options: AuthenticationOptions

Configuration options for authentication.

token: TokenEndpointResponse | undefined
decoded: JwtPayload
options: AuthenticationOptions
discovery: Configuration
tokenExpiration: Date
appendAuthorizationToMetadata(metadata: grpc.Metadata): Promise<void>

Appends the current authentication header to the provided gRPC metadata object.

Parameters

metadata: grpc.Metadata

The gRPC metadata to which the Authorization header will be added.

Returns

Promise<void>

getAuthenticationHeader(): Promise<string>

Returns the current authentication header (e.g., “Bearer <token>”), refreshing the token if necessary.

Returns

Promise<string> - The authentication header string.

maybeRefreshAccessToken(): Promise<void>

Handles token refresh logic, including discovery, refresh, and re-acquisition as needed. Refreshes the access token if expired or missing.

Returns

Promise<void>