tessl/maven-com-google-oauth-client--google-oauth-client-java6
Java 6+ extensions to the Google OAuth Client Library providing verification code receivers and credential persistence for OAuth 2.0 flows
—
Pending
verification-receivers.mddocs/
Verification Code Receivers
Interface and implementations for receiving OAuth 2.0 verification codes from users during the authorization process. These components handle the user interaction portion of OAuth 2.0 flows.
Capabilities
VerificationCodeReceiver Interface
Core interface that defines how verification codes are received from users during OAuth 2.0 authorization flows.
/**
* OAuth 2.0 verification code receiver.
* Implementation should be thread-safe.
*/
public interface VerificationCodeReceiver {
/**
* Returns the redirect URI to be used in the authorization request.
* @return redirect URI string
* @throws IOException if URI generation fails
*/
String getRedirectUri() throws IOException;
/**
* Waits for a verification code from the user.
* This method blocks until a code is received.
* @return verification code string
* @throws IOException if code reception fails
*/
String waitForCode() throws IOException;
/**
* Releases any resources and stops any processes started.
* @throws IOException if resource cleanup fails
*/
void stop() throws IOException;
}AbstractPromptReceiver
Abstract implementation that prompts the user to manually enter the verification code via console input. Suitable for command-line applications and scenarios where automatic code reception is not possible.
/**
* OAuth 2.0 abstract verification code receiver that prompts user to paste the code
* copied from the browser. Implementation is thread-safe.
*/
public abstract class AbstractPromptReceiver implements VerificationCodeReceiver {
/**
* Prompts the user to enter the verification code via console input.
* Continues prompting until a non-empty code is entered.
* @return verification code entered by user
*/
@Override
public String waitForCode();
/**
* No-op implementation since no resources need to be stopped.
*/
@Override
public void stop();
// Abstract method - must be implemented by subclasses
/**
* Returns the redirect URI. Typically "urn:ietf:wg:oauth:2.0:oob" for out-of-band flows.
* @return redirect URI for the authorization request
* @throws IOException if URI generation fails
*/
public abstract String getRedirectUri() throws IOException;
}Usage Example:
import com.google.api.client.extensions.java6.auth.oauth2.AbstractPromptReceiver;
// Create a simple console-based receiver for out-of-band authorization
public class ConsoleReceiver extends AbstractPromptReceiver {
@Override
public String getRedirectUri() throws IOException {
// Out-of-band redirect URI for manual code entry
return "urn:ietf:wg:oauth:2.0:oob";
}
}
// Usage in authorization flow
ConsoleReceiver receiver = new ConsoleReceiver();
AuthorizationCodeInstalledApp app = new AuthorizationCodeInstalledApp(flow, receiver);
// When authorize() is called:
// 1. Browser opens to authorization URL
// 2. User grants permission and copies the code
// 3. Console prompts: "Please enter code: "
// 4. User pastes the code and presses Enter
// 5. Authorization completes
Credential credential = app.authorize("user-id");Custom Receiver Example:
import com.google.api.client.extensions.java6.auth.oauth2.VerificationCodeReceiver;
import java.util.Scanner;
// Custom receiver that uses a GUI dialog instead of console
public class DialogReceiver implements VerificationCodeReceiver {
private JDialog dialog;
private String code;
@Override
public String getRedirectUri() throws IOException {
return "urn:ietf:wg:oauth:2.0:oob";
}
@Override
public String waitForCode() throws IOException {
SwingUtilities.invokeLater(() -> {
dialog = new JDialog();
JTextField codeField = new JTextField(30);
JButton okButton = new JButton("OK");
okButton.addActionListener(e -> {
code = codeField.getText();
dialog.dispose();
});
dialog.add(new JLabel("Enter verification code:"));
dialog.add(codeField);
dialog.add(okButton);
dialog.setModal(true);
dialog.pack();
dialog.setVisible(true);
});
// Wait for dialog completion
while (code == null) {
Thread.sleep(100);
}
return code;
}
@Override
public void stop() throws IOException {
if (dialog != null) {
dialog.dispose();
}
}
}Implementation Guidelines
Thread Safety
All VerificationCodeReceiver implementations should be thread-safe as specified in the interface documentation.
Resource Management
Always implement the stop() method to properly clean up resources:
- Close network connections
- Dispose of GUI components
- Stop background threads
- Release file handles
Error Handling
Handle common error scenarios:
- User cancellation (return null or throw specific exception)
- Network timeouts for web-based receivers
- Invalid code formats
- I/O errors during code reception
Redirect URI Patterns
Common redirect URI patterns:
"urn:ietf:wg:oauth:2.0:oob"- Out-of-band (manual code entry)"http://localhost:8080"- Local HTTP server"http://localhost:0"- Local HTTP server with random port- Custom protocol schemes for desktop applications
Out-of-Band Authorization Flow
The out-of-band (OOB) flow is commonly used with AbstractPromptReceiver:
- Authorization URL: Generated with redirect URI
urn:ietf:wg:oauth:2.0:oob - User Action: User visits URL in browser and grants permission
- Code Display: Authorization server displays verification code to user
- Manual Entry: User copies code and pastes it into application prompt
- Token Exchange: Application exchanges code for access token
This flow is ideal for:
- Command-line applications
- Applications without HTTP server capabilities
- Environments where localhost redirection is not available
Install with Tessl CLI
npx tessl i tessl/maven-com-google-oauth-client--google-oauth-client-java6