com.google.api.client.auth.oauth.package-info Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of google-api-client Show documentation
Show all versions of google-api-client Show documentation
Google API Client Library for Java. Supports Java 5 (or higher) desktop (SE)
and web (EE), Android, and Google App Engine.
/*
* Copyright (c) 2010 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
* in compliance with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software distributed under the License
* is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
* or implied. See the License for the specific language governing permissions and limitations under
* the License.
*/
/**
* OAuth 1.0 authorization as specified in RFC 5849:
* The OAuth 1.0 Protocol (see detailed package specification).
*
*
* There are a few features not supported by this implementation:
*
*
* - {@code PLAINTEXT} signature algorithm
* - {@code "application/x-www-form-urlencoded"} HTTP request body
* - {@code "oauth_*"} parameters specified in the HTTP request URL (instead assumes they are
* specified in the {@code Authorization} header)
*
*
*
* Before using this library, you may need to set up your application as follows:
*
*
* - For web applications, you may need to first register your application with the authorization
* server. It may provide two pieces of information you need:
*
* - OAuth Consumer Key: use this as the {@code consumerKey} on every OAuth request, for example
* in {@link com.google.api.client.auth.oauth.AbstractOAuthGetToken#consumerKey}.
* - OAuth Consumer Secret: use this as the
* {@link com.google.api.client.auth.oauth.OAuthHmacSigner#clientSharedSecret} when using the {@code
* "HMAC-SHA1"} signature method.
*
*
* - For an installed application, an unregistered web application, or a web application running
* on localhost, you must use the {@code "HMAC-SHA1"} signature method. The documentation for the
* authorization server will need to provide you with the {@code consumerKey} and {@code
* clientSharedSecret} to use.
* - For the {@code "HMAC-SHA1"} signature method, use
* {@link com.google.api.client.auth.oauth.OAuthHmacSigner}.
* - For the {@code "RSA-SHA1"} signature method, use
* {@link com.google.api.client.auth.oauth.OAuthRsaSigner}.
*
*
* After the set up has been completed, the typical application flow is:
*
*
* - Request a temporary credentials token from the Authorization server using
* {@link com.google.api.client.auth.oauth.OAuthGetTemporaryToken}. A callback URL should be
* specified for web applications, but does not need to be specified for installed applications.
*
* - Direct the end user to an authorization web page to allow the end user to authorize the
* temporary token using using
* {@link com.google.api.client.auth.oauth.OAuthAuthorizeTemporaryTokenUrl}.
* - After the user has granted the authorization:
*
* - For web applications, the user's browser will be redirected to the callback URL which may be
* parsed using {@link com.google.api.client.auth.oauth.OAuthCallbackUrl}.
* - For installed applications, see the authorization server's documentation for figuring out the
* verification code.
*
*
* - Request to exchange the temporary token for a long-lived access token from the Authorization
* server using {@link com.google.api.client.auth.oauth.OAuthGetAccessToken}. This access token must
* be stored.
* - Use the stored access token to authorize HTTP requests to protected resources by setting the
* {@link com.google.api.client.auth.oauth.OAuthParameters#token} and invoking
* {@link com.google.api.client.auth.oauth.OAuthParameters#signRequestsUsingAuthorizationHeader}.
*
*
*
*
*
* Warning: this package is experimental, and its content may be changed in incompatible ways or
* possibly entirely removed in a future version of the library
*
*
* @since 1.0
* @author Yaniv Inbar
*/
package com.google.api.client.auth.oauth;
© 2015 - 2024 Weber Informatics LLC | Privacy Policy