• Home
• com.google.api.client
• google-api-client-googleapis
• 1.4.1-beta
• source code
• package-info.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.google.api.client.googleapis.auth.oauth.package-info Maven / Gradle / Ivy

/*
 * Copyright (c) 2010 Google Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 * in compliance with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software distributed under the License
 * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
 * or implied. See the License for the specific language governing permissions and limitations under
 * the License.
 */

/**
 * Google's additions to OAuth 1.0a authorization as specified in Google's OAuth API Reference 
 * (see detailed package specification).
 *
 * 
Package Specification
 *
 * 

 * Before using this library, you need to set up your application as follows:
 * 
 * 

 * 
For a web application, you should first register your application at the Manage Your Domains page. See detailed
 * instructions at the registration
 * page. Take note of the following OAuth information you will need:
 * 

 * 
OAuth Consumer Key (same as your appspot domain): use this as the {@code consumerKey} on
 * every OAuth request, for example in
 * {@link com.google.api.client.auth.oauth.AbstractOAuthGetToken#consumerKey}.
 * 
OAuth Consumer Secret: use this as the
 * {@link com.google.api.client.auth.oauth.OAuthHmacSigner}.
 * {@link com.google.api.client.auth.oauth.OAuthHmacSigner#clientSharedSecret clientSharedSecret}
 * when using the {@code "HMAC-SHA1"} signature method.
 * 
Upload new X.509 cert: See the instructions for generating a
 * self-signing private key and public certificate. Use
 * {@link com.google.api.client.auth.oauth.OAuthRsaSigner} for this {@code "RSA-SHA1"} signature
 * method.
 * 

 * 
Example for generating private key and public certificate:
 *
 * 

# Generate the RSA keys and certificate
keytool -genkey -v -alias Example -keystore ./Example.jks\
  -keyalg RSA -sigalg SHA1withRSA\
  -dname "CN=myappname.appspot.com, OU=Engineering, O=My_Company, L=Mountain  View, ST=CA, C=US"\
  -storepass changeme -keypass changeme
# Output the public certificate to a file
keytool -export -rfc -keystore ./Example.jks -storepass changeme \
  -alias Example -file mycert.pem
 * 
 * 
 * 
 * 
 * 
For an installed application, an unregistered web application, or a web application running
 * on localhost, you must use the {@code "HMAC-SHA1"} signature method. Use {@code "anonymous"} for
 * the {@code consumerKey} and {@code clientSharedSecret}.
 * 
 * 

 * After the set up has been completed, the typical application flow is:
 * 
 * 

 * 
Request a temporary credentials token ("request token") from the Google Authorization server
 * using {@link com.google.api.client.googleapis.auth.oauth.GoogleOAuthGetTemporaryToken}. A
 * callback URL should be specified for web applications, but does not need to be specified for
 * installed applications.
 * 
Direct the end user to a Google Accounts web page to allow the end user to authorize the
 * temporary token using using
 * {@link com.google.api.client.googleapis.auth.oauth.GoogleOAuthAuthorizeTemporaryTokenUrl}.
 * 
After the user has granted the authorization:
 * 

 * 
For web applications, the user's browser will be redirected to the callback URL which may be
 * parsed using {@link com.google.api.client.auth.oauth.OAuthCallbackUrl}.
 * 
For installed applications, use {@code ""} for the verification code.
 * 
 * 
 * 
Request to exchange the temporary token for a long-lived access token from the Google
 * Authorization server using
 * {@link com.google.api.client.googleapis.auth.oauth.GoogleOAuthGetAccessToken}. This access token
 * must be stored.
 * 
Use the stored access token to authorize HTTP requests to protected resources in Google
 * services by setting the {@link com.google.api.client.auth.oauth.OAuthParameters#token} and
 * invoking
 * {@link com.google.api.client.auth.oauth.OAuthParameters#signRequestsUsingAuthorizationHeader}.
 * 
 * 
For 2-legged OAuth, use
 * {@link com.google.api.client.googleapis.auth.oauth.GoogleOAuthDomainWideDelegation} as a request
 * execute interceptor to set the e-mail address of the user on every HTTP request, or
 * {@link com.google.api.client.googleapis.auth.oauth.GoogleOAuthDomainWideDelegation.Url} as a
 * generic URL builder with the requestor ID parameter.
 * 
To revoke an access token, use
 * {@link com.google.api.client.googleapis.auth.oauth.GoogleOAuthGetAccessToken#revokeAccessToken}.
 * Users can also manually revoke tokens from Google's change authorized websites page.
 * 
 * 
 *
 *
 * 

 * Warning: this package is experimental, and its content may be changed in incompatible ways or
 * possibly entirely removed in a future version of the library
 * 
 *
 * @since 1.0
 * @author Yaniv Inbar
 */

package com.google.api.client.googleapis.auth.oauth;