tessl/maven-com-google-oauth-client--google-oauth-client-java6
Java 6+ extensions to the Google OAuth Client Library providing verification code receivers and credential persistence for OAuth 2.0 flows
—
Pending
authorization-flow.mddocs/
Authorization Code Flow
OAuth 2.0 authorization code flow implementation for installed applications, providing complete integration with browser launching, verification code handling, and credential management.
Capabilities
AuthorizationCodeInstalledApp
Main class that orchestrates the OAuth 2.0 authorization flow for installed applications.
/**
* OAuth 2.0 authorization code flow for an installed Java application that persists end-user credentials.
* Implementation is thread-safe.
*/
public class AuthorizationCodeInstalledApp {
/**
* Constructor with default browser support.
* @param flow authorization code flow
* @param receiver verification code receiver
*/
public AuthorizationCodeInstalledApp(
AuthorizationCodeFlow flow,
VerificationCodeReceiver receiver);
/**
* Constructor with custom browser implementation.
* @param flow authorization code flow
* @param receiver verification code receiver
* @param browser custom browser implementation
*/
public AuthorizationCodeInstalledApp(
AuthorizationCodeFlow flow,
VerificationCodeReceiver receiver,
Browser browser);
/**
* Authorizes the installed application to access user's protected data.
* @param userId user ID or null if not using a persisted credential store
* @return credential with access token and optional refresh token
* @throws IOException if authorization fails
*/
public Credential authorize(String userId) throws IOException;
/** Returns the authorization code flow. */
public final AuthorizationCodeFlow getFlow();
/** Returns the verification code receiver. */
public final VerificationCodeReceiver getReceiver();
/**
* Open a browser at the given URL using Desktop if available,
* or alternatively output the URL to System.out for command-line applications.
* @param url URL to browse
*/
public static void browse(String url);
}Usage Example:
import com.google.api.client.auth.oauth2.AuthorizationCodeFlow;
import com.google.api.client.auth.oauth2.BearerToken;
import com.google.api.client.auth.oauth2.Credential;
import com.google.api.client.extensions.java6.auth.oauth2.AuthorizationCodeInstalledApp;
import com.google.api.client.extensions.java6.auth.oauth2.AbstractPromptReceiver;
import com.google.api.client.http.javanet.NetHttpTransport;
import com.google.api.client.json.gson.GsonFactory;
// Create a prompt receiver for out-of-band authorization
class OobReceiver extends AbstractPromptReceiver {
@Override
public String getRedirectUri() {
return "urn:ietf:wg:oauth:2.0:oob";
}
}
// Set up the authorization flow
AuthorizationCodeFlow flow = new AuthorizationCodeFlow.Builder(
BearerToken.authorizationHeaderAccessMethod(),
new NetHttpTransport(),
GsonFactory.getDefaultInstance(),
new GenericUrl("https://oauth2.googleapis.com/token"),
new ClientParametersAuthentication("your-client-id", "your-client-secret"),
"your-client-id",
"https://accounts.google.com/o/oauth2/auth")
.setScopes(Arrays.asList("https://www.googleapis.com/auth/drive"))
.build();
// Authorize the user
OobReceiver receiver = new OobReceiver();
AuthorizationCodeInstalledApp app = new AuthorizationCodeInstalledApp(flow, receiver);
Credential credential = app.authorize("user-id");
// Use the credential for API calls
if (credential.getAccessToken() != null) {
System.out.println("Authorization successful!");
}Browser Interface
Interface for custom browser implementations to handle authorization URL opening.
/**
* Helper interface to allow caller to browse.
*/
public static interface Browser {
/**
* Browse to the specified URL.
* @param url url to browse
* @throws IOException if browsing fails
*/
public void browse(String url) throws IOException;
}DefaultBrowser
Default browser implementation that delegates to the static browse method.
/**
* Default browser that just delegates to AuthorizationCodeInstalledApp.browse(String).
*/
public static class DefaultBrowser implements Browser {
@Override
public void browse(String url) throws IOException;
}Protected Methods
onAuthorization
Hook method for customizing the authorization process, such as adding state parameters.
/**
* Handles user authorization by redirecting to the OAuth 2.0 authorization server.
* Default implementation calls browse(authorizationUrl.build()).
* @param authorizationUrl authorization URL that can be customized
* @throws IOException I/O exception
*/
protected void onAuthorization(AuthorizationCodeRequestUrl authorizationUrl) throws IOException;Customization Example:
class CustomInstalledApp extends AuthorizationCodeInstalledApp {
public CustomInstalledApp(AuthorizationCodeFlow flow, VerificationCodeReceiver receiver) {
super(flow, receiver);
}
@Override
protected void onAuthorization(AuthorizationCodeRequestUrl authorizationUrl) throws IOException {
// Add state parameter for security
authorizationUrl.setState("random-state-value");
// Add additional parameters
authorizationUrl.set("prompt", "consent");
super.onAuthorization(authorizationUrl);
}
}Flow Process
- Check Existing Credentials: Loads existing credential for the user ID if available
- Validate Existing Token: Checks if current credential is valid and not expired
- Browser Launch: Opens authorization URL in user's default browser
- Code Collection: Waits for user to paste verification code via the receiver
- Token Exchange: Exchanges authorization code for access token and refresh token
- Credential Storage: Stores the new credential using the flow's credential store
- Cleanup: Stops the verification code receiver and releases resources
Install with Tessl CLI
npx tessl i tessl/maven-com-google-oauth-client--google-oauth-client-java6