Package net.openid.appauth
AppAuth for Android is a client SDK for communication with OAuth2 and OpenID Connect providers. It strives to directly map the requests and responses of those specifications, while following the idiomatic style of the implementation language. In addition to mapping the raw protocol flows, convenience methods are available to assist with common tasks like performing an action with fresh tokens.
The library follows the best practices set out in RFC 8252 - OAuth 2.0 for Native Apps, including using Custom Tabs for the auth request. For this reason, WebView is explicitly _not_ supported due to usability and security reasons.
The library also supports the PKCE extension to OAuth which was created to secure authorization codes in public clients when custom URI scheme redirects are used. The library is friendly to other extensions (standard or otherwise) with the ability to handle additional parameters in all protocol requests and responses.
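
The PKCE relationship described above, shown as an added plain-JDK example following RFC 7636 (this is not AppAuth's own code, and the class `PkceDemo` and its method names are hypothetical): the client sends only the S256 challenge with the authorization request, and the server later accepts the authorization code only from a caller that presents the matching verifier.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Base64;

// Added example: PkceDemo and its method names are hypothetical, not AppAuth API.
public class PkceDemo {
    private static final Base64.Encoder B64URL = Base64.getUrlEncoder().withoutPadding();

    // Client: 32 random bytes become a 43-character base64url verifier (RFC 7636, 4.1).
    static String newVerifier() {
        byte[] entropy = new byte[32];
        new SecureRandom().nextBytes(entropy);
        return B64URL.encodeToString(entropy);
    }

    // Client: code_challenge = BASE64URL(SHA-256(ASCII(code_verifier))) for method S256.
    static String s256Challenge(String verifier) throws NoSuchAlgorithmException {
        MessageDigest sha256 = MessageDigest.getInstance("SHA-256");
        return B64URL.encodeToString(sha256.digest(verifier.getBytes(StandardCharsets.US_ASCII)));
    }

    // Authorization server: at the token endpoint, recompute the challenge from the
    // presented verifier and compare it with the one stored alongside the code.
    static boolean serverAccepts(String storedChallenge, String presentedVerifier)
            throws NoSuchAlgorithmException {
        if (presentedVerifier == null || !presentedVerifier.matches("[A-Za-z0-9._~-]{43,128}")) {
            return false; // missing or malformed code_verifier
        }
        byte[] expected = storedChallenge.getBytes(StandardCharsets.US_ASCII);
        byte[] actual = s256Challenge(presentedVerifier).getBytes(StandardCharsets.US_ASCII);
        return MessageDigest.isEqual(expected, actual); // constant-time comparison
    }

    public static void main(String[] args) throws Exception {
        // Test vector from RFC 7636, Appendix B.
        String rfcVerifier = "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk";
        String rfcChallenge = "E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM";
        System.out.println("RFC vector matches: " + rfcChallenge.equals(s256Challenge(rfcVerifier)));
        // The legitimate app keeps its verifier private and sends only the challenge.
        String verifier = newVerifier();
        String challenge = s256Challenge(verifier);
        System.out.println("app with original verifier: " + serverAccepts(challenge, verifier));
        // A party that obtained only the authorization code has no matching verifier.
        System.out.println("caller with other verifier: " + serverAccepts(challenge, newVerifier()));
        System.out.println("request with no verifier:   " + serverAccepts(challenge, null));
    }
}
```
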

Interface Summary

| Interface | Description |
|---|---|
| AuthorizationManagementRequest | A base request for session management models: AuthorizationRequest, EndSessionRequest |
| AuthorizationService.RegistrationResponseCallback | Callback interface for token endpoint requests. |
| AuthorizationService.TokenResponseCallback | Callback interface for token endpoint requests. |
| AuthorizationServiceConfiguration.RetrieveConfigurationCallback | Callback interface for configuration retrieval. |
| AuthState.AuthStateAction | Interface for actions executed in the context of fresh (non-expired) tokens. |
| ClientAuthentication | |

Class Summary

| Class | Description |
|---|---|
| AppAuthConfiguration | Defines configuration properties that control the behavior of the AppAuth library, independent of the OAuth2 specific details that are described. |
| AppAuthConfiguration.Builder | Creates AppAuthConfiguration instances. |
| AuthorizationException.AuthorizationRequestErrors | Error codes related to failed authorization requests. |
| AuthorizationException.GeneralErrors | Error codes specific to AppAuth for Android, rather than those defined in the OAuth2 and OpenID specifications. |
| AuthorizationException.RegistrationRequestErrors | Error codes related to failed registration requests. |
| AuthorizationException.TokenRequestErrors | Error codes related to failed token requests. |
| AuthorizationManagementActivity | Stores state and handles events related to the authorization management flow. |
| AuthorizationManagementResponse | A base response for session management models: AuthorizationResponse, EndSessionResponse |
| AuthorizationRequest | An OAuth2 authorization request. |
| AuthorizationRequest.Builder | Creates instances of AuthorizationRequest. |
| AuthorizationRequest.Display | All spec-defined values for the OpenID Connect 1.0 `display` parameter. |
| AuthorizationRequest.Prompt | All spec-defined values for the OpenID Connect 1.0 `prompt` parameter. |
| AuthorizationRequest.ResponseMode | All spec-defined values for the OAuth2 / OpenID Connect `response_mode` parameter. |
| AuthorizationRequest.Scope | All spec-defined values for the OAuth2 / OpenID Connect 1.0 `scope` parameter. |
| AuthorizationResponse | A response to an authorization request. |
| AuthorizationResponse.Builder | Creates instances of AuthorizationResponse. |
| AuthorizationService | Dispatches requests to an OAuth2 authorization service. |
| AuthorizationServiceConfiguration | Configuration details required to interact with an authorization service. |
| AuthorizationServiceDiscovery | An OpenID Connect 1.0 Discovery Document. |
| AuthState | Collects authorization state from authorization requests and responses. |
| ClientSecretBasic | Implementation of the client authentication method ‘client_secret_basic’. |
| ClientSecretPost | Implementation of the client authentication method ‘client_secret_post’. |
| CodeVerifierUtil | Generates code verifiers and challenges for PKCE exchange. |
| EndSessionRequest | An OpenID end session request. |
| EndSessionRequest.Builder | Creates instances of EndSessionRequest. |
| EndSessionResponse | A response to end session request. |
| EndSessionResponse.Builder | Creates instances of EndSessionResponse. |
| GrantTypeValues | The grant type values defined by the OAuth2 spec, and used in authorization and dynamic client registration requests. |
| IdToken | An OpenID Connect ID Token. |
| NoClientAuthentication | Implementation of the client authentication method ‘none’. |
| Preconditions | Utility class for guava style pre-condition checks. |
| RedirectUriReceiverActivity | Activity that receives the redirect Uri sent by the OpenID endpoint. |
| RegistrationRequest | |
| RegistrationRequest.Builder | Creates instances of RegistrationRequest. |
| RegistrationResponse | |
| RegistrationResponse.Builder | |
| ResponseTypeValues | The response type values defined by the OAuth 2.0 and OpenID Connect Core 1.0 specifications, used in authorization and dynamic client registration requests. |
| TokenRequest | An OAuth2 token request. |
| TokenRequest.Builder | Creates instances of TokenRequest. |
| TokenResponse | A response to a token request. |
| TokenResponse.Builder | Creates instances of TokenResponse. |

Exception Summary

| Exception | Description |
|---|---|
| AuthorizationException | Returned as a response to OAuth2 requests if they fail. |
| AuthorizationServiceDiscovery.MissingArgumentException | Thrown when a mandatory property is missing from the discovery document. |
| ClientAuthentication.UnsupportedAuthenticationMethod | Thrown when a mandatory property is missing from the registration response. |
| RegistrationResponse.MissingArgumentException | Thrown when a mandatory property is missing from the registration response. |