com.google.api.client.googleapis.auth.oauth2
Class GoogleAuthorizationCodeFlow

java.lang.Object
  com.google.api.client.auth.oauth2.AuthorizationCodeFlow
      com.google.api.client.googleapis.auth.oauth2.GoogleAuthorizationCodeFlow

public class GoogleAuthorizationCodeFlow
extends AuthorizationCodeFlow

Thread-safe Google OAuth 2.0 authorization code flow that manages and persists end-user credentials.

This is designed to simplify the flow in which an end-user authorizes the application to access their protected data, and then the application has access to their data based on an access token and a refresh token to refresh that access token when it expires.

The first step is to call AuthorizationCodeFlow.loadCredential(String) based on the known user ID to check if the end-user's credentials are already known. If not, call newAuthorizationUrl() and direct the end-user's browser to an authorization page. The web browser will then redirect to the redirect URL with a "code" query parameter which can then be used to request an access token using newTokenRequest(String). Finally, use AuthorizationCodeFlow.createAndStoreCredential(TokenResponse, String) to store and obtain a credential for accessing protected resources.

Upgrade warning: prior to version 1.10 the default for the approval_prompt parameter was "force", and the default for the access_type parameter was "offline". However, starting with version 1.10 the default for the approval_prompt and access_type parameters and is null, which means "approval_prompt=auto&access_type=online" for web applications. To keep the prior behavior, you need to explicitly call setApprovalPrompt("force").setAccesstype("offline") . See GoogleAuthorizationCodeFlow.Builder.setApprovalPrompt(String) and GoogleAuthorizationCodeFlow.Builder.setAccessType(String) for more details.

Since:

1.7

Author:

Yaniv Inbar

Nested Class Summary

static class

GoogleAuthorizationCodeFlow.Builder Google authorization code flow builder.

Constructor Summary

protected

GoogleAuthorizationCodeFlow(Credential.AccessMethod method, HttpTransport transport, JsonFactory jsonFactory, GenericUrl tokenServerUrl, HttpExecuteInterceptor clientAuthentication, String clientId, String authorizationServerEncodedUrl, CredentialStore credentialStore, HttpRequestInitializer requestInitializer, String scopes, String accessType, String approvalPrompt)

Method Summary

String	getAccessType() Returns the access type ("online" to request online access or "offline" to request offline access) or null for the default behavior of "online".
String	getApprovalPrompt() Returns the approval prompt behavior ("auto" to request auto-approval or "force" to force the approval UI to show) or null for the default behavior of "auto".
GoogleAuthorizationCodeRequestUrl	newAuthorizationUrl()
GoogleAuthorizationCodeTokenRequest	newTokenRequest(String authorizationCode)

Methods inherited from class com.google.api.client.auth.oauth2.AuthorizationCodeFlow

createAndStoreCredential, getAuthorizationServerEncodedUrl, getClientAuthentication, getClientId, getClock, getCredentialStore, getJsonFactory, getMethod, getRequestInitializer, getScopes, getTokenServerEncodedUrl, getTransport, loadCredential

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

GoogleAuthorizationCodeFlow

protected GoogleAuthorizationCodeFlow(Credential.AccessMethod method,
                                      HttpTransport transport,
                                      JsonFactory jsonFactory,
                                      GenericUrl tokenServerUrl,
                                      HttpExecuteInterceptor clientAuthentication,
                                      String clientId,
                                      String authorizationServerEncodedUrl,
                                      CredentialStore credentialStore,
                                      HttpRequestInitializer requestInitializer,
                                      String scopes,
                                      String accessType,
                                      String approvalPrompt)

Parameters:

method - method of presenting the access token to the resource server (for example BearerToken.authorizationHeaderAccessMethod())

transport - HTTP transport

jsonFactory - JSON factory

tokenServerUrl - token server URL

clientAuthentication - client authentication or null for none (see TokenRequest.setClientAuthentication(HttpExecuteInterceptor))

clientId - client identifier

authorizationServerEncodedUrl - authorization server encoded URL

credentialStore - credential persistence store or null for none

requestInitializer - HTTP request initializer or null for none

scopes - space-separated list of scopes or null for none

accessType - access type ("online" to request online access or "offline" to request offline access) or null for the default behavior

approvalPrompt - Prompt for consent behavior ("auto" to request auto-approval or "force" to force the approval UI to show) or null for the default behavior

Method Detail

newTokenRequest

public GoogleAuthorizationCodeTokenRequest newTokenRequest(String authorizationCode)

Overrides:

newTokenRequest in class AuthorizationCodeFlow

newAuthorizationUrl

public GoogleAuthorizationCodeRequestUrl newAuthorizationUrl()

Overrides:

newAuthorizationUrl in class AuthorizationCodeFlow

getApprovalPrompt

public final String getApprovalPrompt()

Returns the approval prompt behavior ("auto" to request auto-approval or "force" to force the approval UI to show) or null for the default behavior of "auto".

getAccessType

public final String getAccessType()

Returns the access type ("online" to request online access or "offline" to request offline access) or null for the default behavior of "online".