Package com.google.auth.oauth2

Class UserAuthorizer

  • public class UserAuthorizer
extends java.lang.Object
    Handles an interactive 3-Legged-OAuth2 (3LO) user consent authorization.

    • Field Detail

      • DEFAULT_CALLBACK_URI

        static final java.net.URI DEFAULT_CALLBACK_URI

      • clientId

        private final ClientId clientId

      • scopes

        private final java.util.Collection<java.lang.String> scopes

      • callbackUri

        private final java.net.URI callbackUri

      • tokenServerUri

        private final java.net.URI tokenServerUri

      • userAuthUri

        private final java.net.URI userAuthUri

    • Method Detail

      • getClientId

        public ClientId getClientId()
        Returns the Client ID user to identify the OAuth2 consent prompt.
        Returns:
        The Client ID.

      • getScopes

        public java.util.Collection<java.lang.String> getScopes()
        Returns the scopes defining the user consent.
        Returns:
        The collection of scopes defining the user consent.

      • getCallbackUri

        public java.net.URI getCallbackUri()
        Returns the URI for implementation of the OAuth2 web callback.
        Returns:
        The URI for the OAuth2 web callback.

      • getCallbackUri

        public java.net.URI getCallbackUri​(java.net.URI baseUri)
        Returns the URI for implementation of the OAuth2 web callback, optionally relative to the specified URI.

        The callback URI is often relative to enable an application to be tested from more than one place so this can be used to resolve it relative to another URI.

        Parameters:
        baseUri - The URI to resolve the callback URI relative to.
        Returns:
        The resolved URI.

      • getTokenStore

        public TokenStore getTokenStore()
        Returns the implementation of a component for long term storage of tokens.
        Returns:
        The token storage implementation for long term storage of tokens.

      • getAuthorizationUrl

        public java.net.URL getAuthorizationUrl​(java.lang.String userId,
                                        java.lang.String state,
                                        java.net.URI baseUri)
        Return a URL that performs the authorization consent prompt web UI.
        Parameters:
        userId - Application's identifier for the end user.
        state - State that is passed on to the OAuth2 callback URI after the consent.
        baseUri - The URI to resolve the OAuth2 callback URI relative to.
        Returns:
        The URL that can be navigated or redirected to.

      • getAuthorizationUrl

        public java.net.URL getAuthorizationUrl​(java.lang.String userId,
                                        java.lang.String state,
                                        java.net.URI baseUri,
                                        java.util.Map<java.lang.String,​java.lang.String> additionalParameters)
        Return a URL that performs the authorization consent prompt web UI.
        Parameters:
        userId - Application's identifier for the end user.
        state - State that is passed on to the OAuth2 callback URI after the consent.
        baseUri - The URI to resolve the OAuth2 callback URI relative to.
        additionalParameters - Additional query parameters to be added to the authorization URL.
        Returns:
        The URL that can be navigated or redirected to.

      • getCredentials

        public UserCredentials getCredentials​(java.lang.String userId)
                               throws java.io.IOException
        Attempts to retrieve credentials for the approved end user consent.
        Parameters:
        userId - Application's identifier for the end user.
        Returns:
        The loaded credentials or null if there are no valid approved credentials.
        Throws:
        java.io.IOException - If there is error retrieving or loading the credentials.

      • getCredentialsFromCode

        public UserCredentials getCredentialsFromCode​(java.lang.String code,
                                              java.net.URI baseUri)
                                       throws java.io.IOException
        Returns a UserCredentials instance by exchanging an OAuth2 authorization code for tokens.
        Parameters:
        code - Code returned from OAuth2 consent prompt.
        baseUri - The URI to resolve the OAuth2 callback URI relative to.
        Returns:
        the UserCredentials instance created from the authorization code.
        Throws:
        java.io.IOException - An error from the server API call to get the tokens.

      • getCredentialsFromCode

        public UserCredentials getCredentialsFromCode​(java.lang.String code,
                                              java.net.URI baseUri,
                                              java.util.Map<java.lang.String,​java.lang.String> additionalParameters)
                                       throws java.io.IOException
        Returns a UserCredentials instance by exchanging an OAuth2 authorization code for tokens.
        Parameters:
        code - Code returned from OAuth2 consent prompt.
        baseUri - The URI to resolve the OAuth2 callback URI relative to.
        additionalParameters - Additional parameters to be added to the post body of token endpoint request.
        Returns:
        the UserCredentials instance created from the authorization code.
        Throws:
        java.io.IOException - An error from the server API call to get the tokens.

      • getTokenResponseFromAuthCodeExchange

        public UserAuthorizer.TokenResponseWithConfig getTokenResponseFromAuthCodeExchange​(java.lang.String code,
                                                                                   java.net.URI callbackUri,
                                                                                   java.util.Map<java.lang.String,​java.lang.String> additionalParameters)
                                                                            throws java.io.IOException
        Handles OAuth2 authorization code exchange and returns a UserAuthorizer.TokenResponseWithConfig object containing the tokens and configuration details.
        Parameters:
        code - The authorization code received from the OAuth2 authorization server.
        callbackUri - The URI to which the authorization server redirected the user after granting authorization.
        additionalParameters - Additional parameters to include in the token exchange request.
        Returns:
        A UserAuthorizer.TokenResponseWithConfig object containing the access token, refresh token (if granted), and configuration details used in the OAuth flow.
        Throws:
        java.io.IOException - If an error occurs during the token exchange process.

      • getAndStoreCredentialsFromCode

        public UserCredentials getAndStoreCredentialsFromCode​(java.lang.String userId,
                                                      java.lang.String code,
                                                      java.net.URI baseUri)
                                               throws java.io.IOException
        Exchanges an authorization code for tokens and stores them.
        Parameters:
        userId - Application's identifier for the end user.
        code - Code returned from OAuth2 consent prompt.
        baseUri - The URI to resolve the OAuth2 callback URI relative to.
        Returns:
        UserCredentials instance created from the authorization code.
        Throws:
        java.io.IOException - An error from the server API call to get the tokens or store the tokens.

      • revokeAuthorization

        public void revokeAuthorization​(java.lang.String userId)
                         throws java.io.IOException
        Revokes the authorization for tokens stored for the user.
        Parameters:
        userId - Application's identifier for the end user.
        Throws:
        java.io.IOException - An error calling the revoke API or deleting the state.

      • storeCredentials

        public void storeCredentials​(java.lang.String userId,
                             UserCredentials credentials)
                      throws java.io.IOException
        Puts the end user credentials in long term storage.
        Parameters:
        userId - Application's identifier for the end user.
        credentials - UserCredentials instance for the authorized consent.
        Throws:
        java.io.IOException - An error storing the credentials.

      • monitorCredentials

        protected void monitorCredentials​(java.lang.String userId,
                                  UserCredentials credentials)
        Adds a listen to rewrite the credentials when the tokens are refreshed.
        Parameters:
        userId - Application's identifier for the end user.
        credentials - UserCredentials instance to listen to.

      • getCredentialsFromCodeInternal

        private UserAuthorizer.TokenResponseWithConfig getCredentialsFromCodeInternal​(java.lang.String code,
                                                                              java.net.URI baseUri,
                                                                              java.util.Map<java.lang.String,​java.lang.String> additionalParameters)
                                                                       throws java.io.IOException
        Throws:
        java.io.IOException