public class OAuthClient extends Object
For a regular web app running on a server, it's recommended to use the Authorization Code Flow to obtain an Access Token and a Refresh Token. This method is considered safe because the Access Token is transmitted directly to the server hosting the app, without passing through the user's web browser and risking exposure.
To enhance the security of the Authorization Code Flow, the PKCE (Proof Key for Code Exchange) mechanism can be employed. With PKCE, the calling application generates a secret called the Code Verifier, which is verified by the authorization server. The app also creates a transform value of the Code Verifier, called the Code Challenge, and sends it over HTTPS to obtain an Authorization Code. By intercepting the Authorization Code, a malicious attacker cannot exchange it for a token without possessing the Code Verifier.
| Modifier and Type | Class and Description |
|---|---|
static class |
OAuthClient.Builder |
| Constructor and Description |
|---|
OAuthClient(DatabricksConfig config) |
| Modifier and Type | Method and Description |
|---|---|
String |
getAuthUrl() |
String |
getClientId() |
String |
getClientSecret() |
String |
getHost() |
String |
getRedirectUrl() |
List<String> |
getScopes() |
String |
getTokenUrl() |
Consent |
initiateConsent() |
boolean |
isAws() |
boolean |
isAzure() |
public OAuthClient(DatabricksConfig config) throws IOException
IOExceptionpublic String getHost()
public String getClientId()
public String getClientSecret()
public String getRedirectUrl()
public String getTokenUrl()
public String getAuthUrl()
public boolean isAws()
public boolean isAzure()
public Consent initiateConsent() throws MalformedURLException
MalformedURLExceptionCopyright © 2024. All rights reserved.