All Downloads are FREE. Search and download functionalities are using the official Maven repository.
  • Log In
  • Register

    • com.google.api.client.googleapis.auth.oauth.package.html Maven / Gradle / Ivy

    Go to download

    Google API Client Library for Java. Supports Java 5 (or higher) desktop (SE) and web (EE), Android, and Google App Engine.

    There is a newer version: 1.4.1-beta
    Show newest version
    
Google's additions to OAuth 1.0a authorization as specified in
Google's
OAuth API Reference 
(see detailed package specification).


    Package Specification
    


    Before using this library, you need to set up your application as
follows:
    

      
  
    1. For a web application, you should first register your application at
  the Manage Your
  Domains page. See detailed instructions at the registration
  page. Take note of the following OAuth information you will need:
  
        
    
      • OAuth Consumer Key (same as your appspot domain): use this as the
    {@code consumerKey} on every OAuth request, for example in {@link
    com.google.api.client.auth.oauth.AbstractOAuthGetToken#consumerKey}.
        • 
    
      • OAuth Consumer Secret: use this as the {@link
    com.google.api.client.auth.oauth.OAuthHmacSigner}.{@link
    com.google.api.client.auth.oauth.OAuthHmacSigner#clientSharedSecret
    clientSharedSecret} when using the {@code "HMAC-SHA1"} signature method.
        • 
    
      • Upload new X.509 cert: See the instructions for generating
    a self-signing private key and public certificate. Use {@link
    com.google.api.client.auth.oauth.OAuthRsaSigner} for this {@code "RSA-SHA1"}
    signature method.
    
          
      
        • Example for generating private key and public certificate:
          
# Generate the RSA keys and certificate
keytool -genkey -v -alias Example -keystore ./Example.jks\
  -keyalg RSA -sigalg SHA1withRSA\
  -dname "CN=myappname.appspot.com, OU=Engineering, O=My_Company, L=Mountain  View, ST=CA, C=US"\
  -storepass changeme -keypass changeme
# Output the public certificate to a file
keytool -export -rfc -keystore ./Example.jks -storepass changeme \
  -alias Example -file mycert.pem
          • 
    
        
    
        • 
  
      
  
      2. 
  
    2. For an installed application, an unregistered web application, or a
  web application running on localhost, you must use the {@code "HMAC-SHA1"}
  signature method. Use {@code "anonymous"} for the {@code consumerKey} and
  {@code clientSharedSecret}.
      3. 

    

    After the set up has been completed, the typical application flow is:
    

      
  
    1. Request a temporary credentials token ("request token") from the
  Google Authorization server using {@link
  com.google.api.client.googleapis.auth.oauth.GoogleOAuthGetTemporaryToken}. A
  callback URL should be specified for web applications, but does not need to be
  specified for installed applications.
      2. 
  
    2. Direct the end user to a Google Accounts web page to allow the end
  user to authorize the temporary token using using {@link
  com.google.api.client.googleapis.auth.oauth.GoogleOAuthAuthorizeTemporaryTokenUrl}.
      3. 
  
    3. After the user has granted the authorization:
  
        
    
      • For web applications, the user's browser will be redirected to the
    callback URL which may be parsed using {@link
    com.google.api.client.auth.oauth.OAuthCallbackUrl}.
        • 
    
      • For installed applications, use {@code ""} for the verification
    code.
        • 
  
      
  
      4. 
  
    4. Request to exchange the temporary token for a long-lived access token
  from the Google Authorization server using {@link
  com.google.api.client.googleapis.auth.oauth.GoogleOAuthGetAccessToken}. This
  access token must be stored.
      5. 
  
    5. Use the stored access token to authorize HTTP requests to protected
  resources in Google services by setting the {@link
  com.google.api.client.auth.oauth.OAuthParameters#token} and invoking {@link
  com.google.api.client.auth.oauth.OAuthParameters#signRequestsUsingAuthorizationHeader}.
      6. 
  
    6. For 2-legged OAuth, use {@link
  com.google.api.client.googleapis.auth.oauth.GoogleOAuthDomainWideDelegation}
  as a request execute intercepter to set the e-mail address of the user on
  every HTTP request, or {@link
  com.google.api.client.googleapis.auth.oauth.GoogleOAuthDomainWideDelegation.Url}
  as a generic URL builder with the requestor ID parameter.
      7. 
  
    7. To revoke an access token, use {@link
  com.google.api.client.googleapis.auth.oauth.GoogleOAuthGetAccessToken#revokeAccessToken}.
  Users can also manually revoke tokens from Google's change
  authorized websites page.
      8. 

    


    This package depends on theses packages:
    

      
  
    • {@link com.google.api.client.auth.oauth}
      • 
  
    • {@link com.google.api.client.googleapis}
      • 
  
    • {@link com.google.api.client.http}
      • 
  
    • {@link com.google.api.client.util}
      • 

    


    Warning: this package is experimental, and its content may be
changed in incompatible ways or possibly entirely removed in a future version of
the library
    

@since 1.0




    © 2015 - 2025 Weber Informatics LLC | Privacy Policy