Package net.openid.appauth
Class CodeVerifierUtil
- java.lang.Object
-
- net.openid.appauth.CodeVerifierUtil
-
public final class CodeVerifierUtil extends Object
Generates code verifiers and challenges for PKCE exchange.- See Also:
“Proof Key for Code Exchange by OAuth Public Clients (RFC 7636) https://tools.ietf.org/html/rfc7636”
-
-
Field Summary
Fields Modifier and Type Field Description static int
DEFAULT_CODE_VERIFIER_ENTROPY
The default entropy (in bytes) used for the code verifier.static int
MAX_CODE_VERIFIER_ENTROPY
The maximum permitted entropy (in bytes) for use withgenerateRandomCodeVerifier(SecureRandom,int)
.static int
MAX_CODE_VERIFIER_LENGTH
The maximum permitted length for a code verifier.static int
MIN_CODE_VERIFIER_ENTROPY
The minimum permitted entropy (in bytes) for use withgenerateRandomCodeVerifier(SecureRandom,int)
.static int
MIN_CODE_VERIFIER_LENGTH
The minimum permitted length for a code verifier.
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static void
checkCodeVerifier(String codeVerifier)
Throws an IllegalArgumentException if the provided code verifier is invalid.static String
deriveCodeVerifierChallenge(String codeVerifier)
Produces a challenge from a code verifier, using SHA-256 as the challenge method if the system supports it (all Android devices should support SHA-256), and falls back to the"plain" challenge type
if unavailable.static String
generateRandomCodeVerifier()
Generates a random code verifier string usingSecureRandom
as the source of entropy, with the default entropy quantity as defined byDEFAULT_CODE_VERIFIER_ENTROPY
.static String
generateRandomCodeVerifier(SecureRandom entropySource, int entropyBytes)
Generates a random code verifier string using the provided entropy source and the specified number of bytes of entropy.static String
getCodeVerifierChallengeMethod()
-
-
-
Field Detail
-
MIN_CODE_VERIFIER_LENGTH
public static final int MIN_CODE_VERIFIER_LENGTH
The minimum permitted length for a code verifier.- See Also:
“Proof Key for Code Exchange by OAuth Public Clients (RFC 7636), Section 4.1 https://tools.ietf.org/html/rfc7636#section-4.1”
, Constant Field Values
-
MAX_CODE_VERIFIER_LENGTH
public static final int MAX_CODE_VERIFIER_LENGTH
The maximum permitted length for a code verifier.- See Also:
“Proof Key for Code Exchange by OAuth Public Clients (RFC 7636), Section 4.1 https://tools.ietf.org/html/rfc7636#section-4.1”
, Constant Field Values
-
DEFAULT_CODE_VERIFIER_ENTROPY
public static final int DEFAULT_CODE_VERIFIER_ENTROPY
The default entropy (in bytes) used for the code verifier.- See Also:
- Constant Field Values
-
MIN_CODE_VERIFIER_ENTROPY
public static final int MIN_CODE_VERIFIER_ENTROPY
The minimum permitted entropy (in bytes) for use withgenerateRandomCodeVerifier(SecureRandom,int)
.- See Also:
- Constant Field Values
-
MAX_CODE_VERIFIER_ENTROPY
public static final int MAX_CODE_VERIFIER_ENTROPY
The maximum permitted entropy (in bytes) for use withgenerateRandomCodeVerifier(SecureRandom,int)
.- See Also:
- Constant Field Values
-
-
Method Detail
-
checkCodeVerifier
public static void checkCodeVerifier(String codeVerifier)
Throws an IllegalArgumentException if the provided code verifier is invalid.- See Also:
“Proof Key for Code Exchange by OAuth Public Clients (RFC 7636), Section 4.1 https://tools.ietf.org/html/rfc7636#section-4.1”
-
generateRandomCodeVerifier
public static String generateRandomCodeVerifier()
Generates a random code verifier string usingSecureRandom
as the source of entropy, with the default entropy quantity as defined byDEFAULT_CODE_VERIFIER_ENTROPY
.
-
generateRandomCodeVerifier
public static String generateRandomCodeVerifier(SecureRandom entropySource, int entropyBytes)
Generates a random code verifier string using the provided entropy source and the specified number of bytes of entropy.
-
deriveCodeVerifierChallenge
public static String deriveCodeVerifierChallenge(String codeVerifier)
Produces a challenge from a code verifier, using SHA-256 as the challenge method if the system supports it (all Android devices should support SHA-256), and falls back to the"plain" challenge type
if unavailable.
-
getCodeVerifierChallengeMethod
public static String getCodeVerifierChallengeMethod()
-
-