UserSession

Class
import { UserSession } from '@esri/arcgis-rest-auth';
UserSession.beginOAuth2({
  // register an app of your own to create a unique clientId
  clientId: "abc123",
  redirectUri: 'https://yourapp.com/authenticate.html'
})
  .then(session)
// or
new UserSession({
  username: "jsmith",
  password: "123456"
})
// or
UserSession.deserialize(cache)

Used to authenticate both ArcGIS Online and ArcGIS Enterprise users. UserSession includes helper methods for OAuth 2.0 in both browser and server applications.

Implements

Constructors

Constructor Parameters

Parameter Type Default Notes
options Required IUserSessionOptions

Properties

Property Type Notes
clientId string

Client ID being used for authentication if provided in the constructor.

password string

The currently authenticated user's password if provided in the constructor.

portal string

The current portal the user is authenticated with.

provider AuthenticationProvider

The authentication provider to use.

redirectUri string

A valid redirect URI for this application if provided in the constructor.

refreshTokenTTL number

Duration of new OAuth 2.0 refresh token validity.

server string

An unfederated ArcGIS Server instance known to recognize credentials supplied manually.

{
  server: "https://sampleserver6.arcgisonline.com/arcgis",
  token: "SOSlV3v..",
  tokenExpires: new Date(1545415669763)
}
ssl boolean

This value is set to true automatically if the ArcGIS Organization requires that requests be made over https.

tokenDuration number

Determines how long new tokens requested are valid.

username string

The currently authenticated user if provided in the constructor.

Accessors

Accessor Type Notes
refreshToken string

The current token to ArcGIS Online or ArcGIS Enterprise.

refreshTokenExpires Date

The expiration time of the current refreshToken.

token string

The current ArcGIS Online or ArcGIS Enterprise token.

tokenExpires Date

The expiration time of the current token.

Methods

Method Returns Notes
void

Begins a new server-based OAuth 2.0 sign in. This will redirect the user to the ArcGIS Online or ArcGIS Enterprise authorization page.

Promise<UserSession>

Begins a new browser-based OAuth 2.0 sign in. If options.popup is true the authentication window will open in a new tab/window otherwise the user will be redirected to the authorization page in their current tab.

UserSession

Completes a browser-based OAuth 2.0 sign if options.popup is true the user will be returned to the previous window. Otherwise a new UserSession will be returned.

UserSession
Promise<UserSession>

Completes the server-based OAuth 2.0 sign in process by exchanging the authorizationCode for a access_token.

UserSession

Translates authentication from the format used in the ArcGIS API for JavaScript.

UserSession.fromCredential({
  userId: "jsmith",
  token: "secret"
});
Promise<string>

Gets an appropriate token for the given URL. If portal is ArcGIS Online and the request is to an ArcGIS Online domain token will be used. If the request is to the current portal the current token will also be used. However if the request is to an unknown server we will validate the server with a request to our current portal.

Promise<IUser>

Returns information about the currently logged in user. Subsequent calls will not result in additional web traffic.

session.getUser()
  .then(response => {
    console.log(response.role); // "org_admin"
  })
Promise<UserSession>

Manually refreshes the current token and tokenExpires.

string
ICredential

Returns authentication in a format useable in the ArcGIS API for JavaScript.

esriId.registerToken(session.toCredential());
IUserSessionOptions

authorize

Static Static Class Method

Begins a new server-based OAuth 2.0 sign in. This will redirect the user to the ArcGIS Online or ArcGIS Enterprise authorization page.

Parameters

Parameter Type Default Notes
options Required IOAuth2Options
response Required ServerResponse

Returns

void

beginOAuth2

Static Static Class Method

Begins a new browser-based OAuth 2.0 sign in. If options.popup is true the authentication window will open in a new tab/window otherwise the user will be redirected to the authorization page in their current tab.

Parameters

Parameter Type Default Notes
options Required IOAuth2Options
win Optional any window

Returns

Promise<UserSession>

completeOAuth2

Static Static Class Method

Completes a browser-based OAuth 2.0 sign if options.popup is true the user will be returned to the previous window. Otherwise a new UserSession will be returned.

Parameters

Parameter Type Default Notes
options Required IOAuth2Options
win Optional any window

Returns

deserialize

Static Static Class Method

Parameters

Parameter Type Default Notes
str Required string

Returns

exchangeAuthorizationCode

Static Static Class Method

Completes the server-based OAuth 2.0 sign in process by exchanging the authorizationCode for a access_token.

Parameters

Parameter Type Default Notes
options Required IOAuth2Options
authorizationCode Required string

Returns

Promise<UserSession>

fromCredential

Static Static Class Method

Translates authentication from the format used in the ArcGIS API for JavaScript.

Parameters

Parameter Type Default Notes
credential Required ICredential

Returns

UserSession


UserSession.fromCredential({
  userId: "jsmith",
  token: "secret"
});

getToken

Class Method

Gets an appropriate token for the given URL. If portal is ArcGIS Online and the request is to an ArcGIS Online domain token will be used. If the request is to the current portal the current token will also be used. However if the request is to an unknown server we will validate the server with a request to our current portal.

Parameters

Parameter Type Default Notes
url Required string
requestOptions Optional ITokenRequestOptions

Returns

Promise<string>

getUser

Class Method

Returns information about the currently logged in user. Subsequent calls will not result in additional web traffic.

Parameters

Parameter Type Default Notes
requestOptions Optional IRequestOptions

Options for the request. NOTE: rawResponse is not supported by this operation.

Returns

A Promise that will resolve with the data from the response.

Promise<IUser>

session.getUser()
  .then(response => {
    console.log(response.role); // "org_admin"
  })

refreshSession

Class Method

Manually refreshes the current token and tokenExpires.

Parameters

Parameter Type Default Notes
requestOptions Optional ITokenRequestOptions

Returns

Promise<UserSession>

serialize

Class Method

  • serialize() : string

Returns

string

toCredential

Class Method

Returns authentication in a format useable in the ArcGIS API for JavaScript.

Returns

ICredential


esriId.registerToken(session.toCredential());

toJSON

Class Method

Returns


Class defined in packages/arcgis-rest-auth/src/UserSession.ts:233