com.auth0.client.auth

Class AuthAPI

java.lang.Object

com.auth0.client.auth.AuthAPI

public class AuthAPI
extends java.lang.Object

Class that provides an implementation of some of the Authentication and Authorization API methods defined in https://auth0.com/docs/api/authentication. To begin create a new instance of AuthAPI(String, String, String) using the tenant domain, and the Application's client id and client secret.

This class is not entirely thread-safe: A new immutable OkHttpClient instance is being created with each instantiation, not sharing the thread pool with any prior existing client instance.

Constructor Summary

Constructors

Constructor and Description
AuthAPI(java.lang.String domain, java.lang.String clientId, java.lang.String clientSecret) Create a new instance with the given tenant's domain, application's client id and client secret.
AuthAPI(java.lang.String domain, java.lang.String clientId, java.lang.String clientSecret, HttpOptions options) Create a new instance with the given tenant's domain, application's client id and client secret.

Method Summary

Modifier and Type	Method and Description
AuthorizeUrlBuilder	authorizeUrl(java.lang.String redirectUri) Creates an instance of the AuthorizeUrlBuilder with the given redirect url.
void	doNotSendTelemetry() Avoid sending Telemetry data in every request to the Auth0 servers.
AuthRequest	exchangeCode(java.lang.String code, java.lang.String redirectUri) Creates a request to exchange the code obtained in the /authorize call using the 'Authorization Code' grant.
AuthRequest	login(java.lang.String emailOrUsername, char[] password) Creates a log in request using the 'Password' grant and the given credentials.
AuthRequest	login(java.lang.String emailOrUsername, char[] password, java.lang.String realm) Creates a log in request using the 'Password Realm' grant and the given credentials.
AuthRequest	login(java.lang.String emailOrUsername, java.lang.String password) Deprecated. Use login(String, char[]) instead.
AuthRequest	login(java.lang.String emailOrUsername, java.lang.String password, java.lang.String realm) Deprecated. Use login(String, char[], String) instead.
LogoutUrlBuilder	logoutUrl(java.lang.String returnToUrl, boolean setClientId) Creates an instance of the LogoutUrlBuilder with the given return-to url.
AuthRequest	renewAuth(java.lang.String refreshToken) Creates a request to renew the authentication and get fresh new credentials using a valid Refresh Token and the 'refresh_token' grant.
AuthRequest	requestToken(java.lang.String audience) Creates a request to get a Token for the given audience using the 'Client Credentials' grant.
Request	resetPassword(java.lang.String email, java.lang.String connection) Request a password reset for the given email and database connection.
Request<java.lang.Void>	revokeToken(java.lang.String refreshToken) Creates a request to revoke an existing Refresh Token.
void	setLoggingEnabled(boolean enabled) Whether to enable or not the current HTTP Logger for every Request, Response and other sensitive information.
void	setTelemetry(Telemetry telemetry) Setter for the Telemetry to send in every request to Auth0.
SignUpRequest	signUp(java.lang.String email, char[] password, java.lang.String connection) Creates a sign up request with the given credentials and database connection.
SignUpRequest	signUp(java.lang.String email, java.lang.String username, char[] password, java.lang.String connection) Creates a sign up request with the given credentials and database connection.
SignUpRequest	signUp(java.lang.String email, java.lang.String password, java.lang.String connection) Deprecated. Use signUp(String, char[], String) instead.
SignUpRequest	signUp(java.lang.String email, java.lang.String username, java.lang.String password, java.lang.String connection) Deprecated. Use signUp(String, String, char[], String) instead.
Request<UserInfo>	userInfo(java.lang.String accessToken) Request the user information related to the access token.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AuthAPI

public AuthAPI(java.lang.String domain,
               java.lang.String clientId,
               java.lang.String clientSecret,
               HttpOptions options)

Create a new instance with the given tenant's domain, application's client id and client secret. These values can be obtained at https://manage.auth0.com/#/applications/{YOUR_CLIENT_ID}/settings. In addition, accepts an HttpOptions that will be used to configure the networking client.

Parameters:

domain - tenant's domain.

clientId - the application's client id.

clientSecret - the application's client secret.

options - configuration options for this client instance.

See Also:

AuthAPI(String, String, String)

AuthAPI

public AuthAPI(java.lang.String domain,
               java.lang.String clientId,
               java.lang.String clientSecret)

Create a new instance with the given tenant's domain, application's client id and client secret. These values can be obtained at https://manage.auth0.com/#/applications/{YOUR_CLIENT_ID}/settings.

Parameters:

domain - tenant's domain.

clientId - the application's client id.

clientSecret - the application's client secret.

Method Detail

doNotSendTelemetry

public void doNotSendTelemetry()

Avoid sending Telemetry data in every request to the Auth0 servers.

setTelemetry

public void setTelemetry(Telemetry telemetry)

Setter for the Telemetry to send in every request to Auth0.

Parameters:

telemetry - to send in every request to Auth0

setLoggingEnabled

public void setLoggingEnabled(boolean enabled)

Whether to enable or not the current HTTP Logger for every Request, Response and other sensitive information.

Parameters:

enabled - whether to enable the HTTP logger or not.

authorizeUrl

public AuthorizeUrlBuilder authorizeUrl(java.lang.String redirectUri)

Creates an instance of the AuthorizeUrlBuilder with the given redirect url. i.e.:

 
 AuthAPI auth = new AuthAPI("me.auth0.com", "B3c6RYhk1v9SbIJcRIOwu62gIUGsnze", "2679NfkaBn62e6w5E8zNEzjr-yWfkaBne");
 String url = auth.authorizeUrl("https://me.auth0.com/callback")
      .withConnection("facebook")
      .withAudience("https://api.me.auth0.com/users")
      .withScope("openid contacts")
      .withState("my-custom-state")
      .build();
 
 

Parameters:

redirectUri - the redirect_uri value to set, white-listed in the Application settings. Must be already URL Encoded.

Returns:

a new instance of the AuthorizeUrlBuilder to configure.

logoutUrl

public LogoutUrlBuilder logoutUrl(java.lang.String returnToUrl,
                                  boolean setClientId)

Creates an instance of the LogoutUrlBuilder with the given return-to url. i.e.:

 
 AuthAPI auth = new AuthAPI("me.auth0.com", "B3c6RYhk1v9SbIJcRIOwu62gIUGsnze", "2679NfkaBn62e6w5E8zNEzjr-yWfkaBne");
 String url = auth.logoutUrl("https://me.auth0.com/home", true)
      .useFederated(true)
      .withAccessToken("A9CvPwFojaBIA9CvI");
 
 

Parameters:

returnToUrl - the redirect_uri value to set, white-listed in the Application settings. Must be already URL Encoded.

setClientId - whether the client_id value must be set or not. This affects the white-list that the Auth0's Dashboard uses to validate the returnTo url.

Returns:

a new instance of the LogoutUrlBuilder to configure.

userInfo

public Request<UserInfo> userInfo(java.lang.String accessToken)

Request the user information related to the access token. i.e.:

 
 AuthAPI auth = new AuthAPI("me.auth0.com", "B3c6RYhk1v9SbIJcRIOwu62gIUGsnze", "2679NfkaBn62e6w5E8zNEzjr-yWfkaBne");
 try {
      UserInfo result = auth.userInfo("A9CvPwFojaBIA9CvI").execute();
 } catch (Auth0Exception e) {
      //Something happened
 }
 
 

Parameters:

accessToken - a valid access token belonging to an API signed with RS256 algorithm and containing the scope 'openid'.

Returns:

a Request to execute.

resetPassword

public Request resetPassword(java.lang.String email,
                             java.lang.String connection)

Request a password reset for the given email and database connection. The response will always be successful even if there's no user associated to the given email for that database connection. i.e.:

 
 AuthAPI auth = new AuthAPI("me.auth0.com", "B3c6RYhk1v9SbIJcRIOwu62gIUGsnze", "2679NfkaBn62e6w5E8zNEzjr-yWfkaBne");
 try {
      auth.resetPassword("[email protected]", "db-connection").execute();
 } catch (Auth0Exception e) {
      //Something happened
 }
 
 

Parameters:

email - the email associated to the database user.

connection - the database connection where the user was created.

Returns:

a Request to execute.

signUp

@Deprecated
public SignUpRequest signUp(java.lang.String email,
                                        java.lang.String username,
                                        java.lang.String password,
                                        java.lang.String connection)

Deprecated. Use signUp(String, String, char[], String) instead.

Creates a sign up request with the given credentials and database connection. "Requires Username" option must be turned on in the Connection's configuration first. i.e.:

 
 AuthAPI auth = new AuthAPI("me.auth0.com", "B3c6RYhk1v9SbIJcRIOwu62gIUGsnze", "2679NfkaBn62e6w5E8zNEzjr-yWfkaBne");
 try {
      Map<String, String> fields = new HashMap<String, String>();
      fields.put("age", "25);
      fields.put("city", "Buenos Aires");
      auth.signUp("[email protected]", "myself", "topsecret", "db-connection")
          .setCustomFields(fields)
          .execute();
 } catch (Auth0Exception e) {
      //Something happened
 }
 
 

Parameters:

email - the desired user's email.

username - the desired user's username.

password - the desired user's password.

connection - the database connection where the user is going to be created.

Returns:

a Request to configure and execute.

signUp

public SignUpRequest signUp(java.lang.String email,
                            java.lang.String username,
                            char[] password,
                            java.lang.String connection)

Creates a sign up request with the given credentials and database connection. "Requires Username" option must be turned on in the Connection's configuration first. i.e.:

 
 AuthAPI auth = new AuthAPI("me.auth0.com", "B3c6RYhk1v9SbIJcRIOwu62gIUGsnze", "2679NfkaBn62e6w5E8zNEzjr-yWfkaBne");
 try {
      Map<String, String> fields = new HashMap<String, String>();
      fields.put("age", "25);
      fields.put("city", "Buenos Aires");
      auth.signUp("[email protected]", "myself", new char[]{'s','e','c','r','e','t'}, "db-connection")
          .setCustomFields(fields)
          .execute();
 } catch (Auth0Exception e) {
      //Something happened
 }
 
 

Parameters:

email - the desired user's email.

username - the desired user's username.

password - the desired user's password.

connection - the database connection where the user is going to be created.

Returns:

a Request to configure and execute.

signUp

@Deprecated
public SignUpRequest signUp(java.lang.String email,
                                        java.lang.String password,
                                        java.lang.String connection)

Deprecated. Use signUp(String, char[], String) instead.

Creates a sign up request with the given credentials and database connection. i.e.:

 
 AuthAPI auth = new AuthAPI("me.auth0.com", "B3c6RYhk1v9SbIJcRIOwu62gIUGsnze", "2679NfkaBn62e6w5E8zNEzjr-yWfkaBne");
 try {
      Map<String, String> fields = new HashMap<String, String>();
      fields.put("age", "25);
      fields.put("city", "Buenos Aires");
      auth.signUp("[email protected]", "topsecret", "db-connection")
          .setCustomFields(fields)
          .execute();
 } catch (Auth0Exception e) {
      //Something happened
 }
 
 

Parameters:

email - the desired user's email.

password - the desired user's password.

connection - the database connection where the user is going to be created.

Returns:

a Request to configure and execute.

signUp

public SignUpRequest signUp(java.lang.String email,
                            char[] password,
                            java.lang.String connection)

Creates a sign up request with the given credentials and database connection. i.e.:

 
 AuthAPI auth = new AuthAPI("me.auth0.com", "B3c6RYhk1v9SbIJcRIOwu62gIUGsnze", "2679NfkaBn62e6w5E8zNEzjr-yWfkaBne");
 try {
      Map<String, String> fields = new HashMap<String, String>();
      fields.put("age", "25);
      fields.put("city", "Buenos Aires");
      auth.signUp("[email protected]", new char[]{'s','e','c','r','e','t'}, "db-connection")
          .setCustomFields(fields)
          .execute();
 } catch (Auth0Exception e) {
      //Something happened
 }
 
 

Parameters:

email - the desired user's email.

password - the desired user's password.

connection - the database connection where the user is going to be created.

Returns:

a Request to configure and execute.

login

@Deprecated
public AuthRequest login(java.lang.String emailOrUsername,
                                     java.lang.String password)

Deprecated. Use login(String, char[]) instead.

Creates a log in request using the 'Password' grant and the given credentials. i.e.:

 
 AuthAPI auth = new AuthAPI("me.auth0.com", "B3c6RYhk1v9SbIJcRIOwu62gIUGsnze", "2679NfkaBn62e6w5E8zNEzjr-yWfkaBne");
 try {
      TokenHolder result = auth.login("[email protected]", "topsecret")
          .setScope("openid email nickname")
          .execute();
 } catch (Auth0Exception e) {
      //Something happened
 }
 
 

Parameters:

emailOrUsername - the identity of the user.

password - the password of the user.

Returns:

a Request to configure and execute.

login

public AuthRequest login(java.lang.String emailOrUsername,
                         char[] password)

Creates a log in request using the 'Password' grant and the given credentials. i.e.:

 
 AuthAPI auth = new AuthAPI("me.auth0.com", "B3c6RYhk1v9SbIJcRIOwu62gIUGsnze", "2679NfkaBn62e6w5E8zNEzjr-yWfkaBne");
 try {
      TokenHolder result = auth.login("[email protected]", new char[]{'s','e','c','r','e','t})
          .setScope("openid email nickname")
          .execute();
 } catch (Auth0Exception e) {
      //Something happened
 }
 
 

Parameters:

emailOrUsername - the identity of the user.

password - the password of the user.

Returns:

a Request to configure and execute.

login

@Deprecated
public AuthRequest login(java.lang.String emailOrUsername,
                                     java.lang.String password,
                                     java.lang.String realm)

Deprecated. Use login(String, char[], String) instead.

Creates a log in request using the 'Password Realm' grant and the given credentials. Default used realm and audience are defined in the "API Authorization Settings" in the account's advanced settings in the Auth0 Dashboard.

 
 AuthAPI auth = new AuthAPI("me.auth0.com", "B3c6RYhk1v9SbIJcRIOwu62gIUGsnze", "2679NfkaBn62e6w5E8zNEzjr-yWfkaBne");
 try {
      TokenHolder result = auth.login("[email protected]", "topsecret", "my-realm")
          .setAudience("https://myapi.me.auth0.com/users")
          .execute();
 } catch (Auth0Exception e) {
      //Something happened
 }
 
 

Parameters:

emailOrUsername - the identity of the user.

password - the password of the user.

realm - the realm to use.

Returns:

a Request to configure and execute.

login

public AuthRequest login(java.lang.String emailOrUsername,
                         char[] password,
                         java.lang.String realm)

Creates a log in request using the 'Password Realm' grant and the given credentials. Default used realm and audience are defined in the "API Authorization Settings" in the account's advanced settings in the Auth0 Dashboard.

 
 AuthAPI auth = new AuthAPI("me.auth0.com", "B3c6RYhk1v9SbIJcRIOwu62gIUGsnze", "2679NfkaBn62e6w5E8zNEzjr-yWfkaBne");
 try {
      TokenHolder result = auth.login("[email protected]", new char[]{'s','e','c','r','e','t'}, "my-realm")
          .setAudience("https://myapi.me.auth0.com/users")
          .execute();
 } catch (Auth0Exception e) {
      //Something happened
 }
 
 

Parameters:

emailOrUsername - the identity of the user.

password - the password of the user.

realm - the realm to use.

Returns:

a Request to configure and execute.

requestToken

public AuthRequest requestToken(java.lang.String audience)

Creates a request to get a Token for the given audience using the 'Client Credentials' grant. Default used realm is defined in the "API Authorization Settings" in the account's advanced settings in the Auth0 Dashboard.

 
 AuthAPI auth = new AuthAPI("me.auth0.com", "B3c6RYhk1v9SbIJcRIOwu62gIUGsnze", "2679NfkaBn62e6w5E8zNEzjr-yWfkaBne");
 try {
      TokenHolder result = auth.requestToken("https://myapi.me.auth0.com/users")
          .setRealm("my-realm")
          .execute();
 } catch (Auth0Exception e) {
      //Something happened
 }
 
 

Parameters:

audience - the audience of the API to request access to.

Returns:

a Request to configure and execute.

revokeToken

public Request<java.lang.Void> revokeToken(java.lang.String refreshToken)

Creates a request to revoke an existing Refresh Token.

 
 AuthAPI auth = new AuthAPI("me.auth0.com", "B3c6RYhk1v9SbIJcRIOwu62gIUGsnze", "2679NfkaBn62e6w5E8zNEzjr-yWfkaBne");
 try {
      auth.revokeToken("ej2E8zNEzjrcSD2edjaE")
          .execute();
 } catch (Auth0Exception e) {
      //Something happened
 }
 
 

Parameters:

refreshToken - the refresh token to revoke.

Returns:

a Request to execute.

renewAuth

public AuthRequest renewAuth(java.lang.String refreshToken)

Creates a request to renew the authentication and get fresh new credentials using a valid Refresh Token and the 'refresh_token' grant.

 
 AuthAPI auth = new AuthAPI("me.auth0.com", "B3c6RYhk1v9SbIJcRIOwu62gIUGsnze", "2679NfkaBn62e6w5E8zNEzjr-yWfkaBne");
 try {
      TokenHolder result = auth.renewAuth("ej2E8zNEzjrcSD2edjaE")
          .execute();
 } catch (Auth0Exception e) {
      //Something happened
 }
 
 

Parameters:

refreshToken - the refresh token to use to get fresh new credentials.

Returns:

a Request to configure and execute.

exchangeCode

public AuthRequest exchangeCode(java.lang.String code,
                                java.lang.String redirectUri)

Creates a request to exchange the code obtained in the /authorize call using the 'Authorization Code' grant.

 
 AuthAPI auth = new AuthAPI("me.auth0.com", "B3c6RYhk1v9SbIJcRIOwu62gIUGsnze", "2679NfkaBn62e6w5E8zNEzjr-yWfkaBne");
 try {
      TokenHolder result = auth.exchangeCode("SnWoFLMzApDskr", "https://me.auth0.com/callback")
          .setScope("openid name nickname")
          .execute();
 } catch (Auth0Exception e) {
      //Something happened
 }
 
 

Parameters:

code - the authorization code received from the /authorize call.

redirectUri - the redirect uri sent on the /authorize call.

Returns:

a Request to configure and execute.