Class AuthorizationResponse
- java.lang.Object
-
- net.openid.appauth.AuthorizationManagementResponse
-
- net.openid.appauth.AuthorizationResponse
-
public class AuthorizationResponse extends AuthorizationManagementResponse
A response to an authorization request.- See Also:
AuthorizationRequest
,“The OAuth 2.0 Authorization Framework (RFC 6749), Section 4.1.2 https://tools.ietf.org/html/rfc6749#section-4.1.2”
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
AuthorizationResponse.Builder
Creates instances ofAuthorizationResponse
.
-
Field Summary
Fields Modifier and Type Field Description String
accessToken
The access token retrieved as part of the authorization flow.Long
accessTokenExpirationTime
The approximate expiration time of the access token, as milliseconds from the UNIX epoch.Map<String,String>
additionalParameters
The additional, non-standard parameters in the response.String
authorizationCode
The authorization code generated by the authorization server.static String
EXTRA_RESPONSE
The extra string used to store anAuthorizationResponse
in an intent bytoIntent()
.String
idToken
The id token retrieved as part of the authorization flow.AuthorizationRequest
request
The authorization request associated with this response.String
scope
The scope of the returned access token.String
state
The returned state parameter, which must match the value specified in the request.static String
TOKEN_TYPE_BEARER
Indicates that a provided access token is a bearer token.String
tokenType
The type of the retrieved token.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description TokenRequest
createTokenExchangeRequest()
Creates a follow-up request to exchange a received authorization code for tokens.TokenRequest
createTokenExchangeRequest(Map<String,String> additionalExchangeParameters)
Creates a follow-up request to exchange a received authorization code for tokens, including the provided additional parameters.static AuthorizationResponse
fromIntent(Intent dataIntent)
Extracts an authorization response from an intent produced bytoIntent()
.Set<String>
getScopeSet()
Derives the set of scopes from the consolidated, space-delimited scopes in thescope
field.String
getState()
boolean
hasAccessTokenExpired()
Determines whether the returned access token has expired.static AuthorizationResponse
jsonDeserialize(String jsonStr)
Reads an authorization request from a JSON string representation produced byAuthorizationManagementResponse.jsonSerializeString()
.static AuthorizationResponse
jsonDeserialize(JSONObject json)
Reads an authorization response from a JSON string representation produced byjsonSerialize()
.JSONObject
jsonSerialize()
Produces a JSON representation of the authorization response for persistent storage or local transmission (e.g.Intent
toIntent()
Produces an intent containing this authorization response.-
Methods inherited from class net.openid.appauth.AuthorizationManagementResponse
jsonSerializeString
-
-
-
-
Field Detail
-
EXTRA_RESPONSE
public static final String EXTRA_RESPONSE
The extra string used to store anAuthorizationResponse
in an intent bytoIntent()
.- See Also:
- Constant Field Values
-
TOKEN_TYPE_BEARER
public static final String TOKEN_TYPE_BEARER
Indicates that a provided access token is a bearer token.- See Also:
“The OAuth 2.0 Authorization Framework (RFC 6749), Section 7.1 https://tools.ietf.org/html/rfc6749#section-7.1”
, Constant Field Values
-
request
@NonNull public final AuthorizationRequest request
The authorization request associated with this response.
-
state
@Nullable public final String state
The returned state parameter, which must match the value specified in the request.AppAuth for Android ensures that this is the case.
-
tokenType
@Nullable public final String tokenType
The type of the retrieved token.Typically this is “Bearer” when present. Otherwise, another token_type value that the Client has negotiated with the Authorization Server.
- See Also:
“OpenID Connect Core 1.0, Section 3.2.2.5 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.2.2.5”
-
authorizationCode
@Nullable public final String authorizationCode
The authorization code generated by the authorization server.Set when the response_type requested includes ‘code’.
-
accessToken
@Nullable public final String accessToken
The access token retrieved as part of the authorization flow.This is available when the
response_type
of the request included ‘token’.- See Also:
“OpenID Connect Core 1.0, Section 3.2.2.5 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.2.2.5”
-
accessTokenExpirationTime
@Nullable public final Long accessTokenExpirationTime
The approximate expiration time of the access token, as milliseconds from the UNIX epoch.Set when the requested
response_type
included ‘token’.- See Also:
“OpenID Connect Core 1.0, Section 3.2.2.5 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.2.2.5”
-
idToken
@Nullable public final String idToken
The id token retrieved as part of the authorization flow.This is available when the
response_type
of the request included ‘id_token’.- See Also:
“OpenID Connect Core 1.0, Section 2 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.2”
,“OpenID Connect Core 1.0, Section 3.2.2.5 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.2.2.5”
-
scope
@Nullable public final String scope
The scope of the returned access token.If this is not specified, the scope is assumed to be the same as what was originally requested.
-
additionalParameters
@NonNull public final Map<String,String> additionalParameters
The additional, non-standard parameters in the response.
-
-
Method Detail
-
hasAccessTokenExpired
public boolean hasAccessTokenExpired()
Determines whether the returned access token has expired.
-
getScopeSet
@Nullable public Set<String> getScopeSet()
Derives the set of scopes from the consolidated, space-delimited scopes in thescope
field.If no scopes were specified on this response, the method will return
null
.
-
createTokenExchangeRequest
@NonNull public TokenRequest createTokenExchangeRequest()
Creates a follow-up request to exchange a received authorization code for tokens.
-
createTokenExchangeRequest
@NonNull public TokenRequest createTokenExchangeRequest(@NonNull Map<String,String> additionalExchangeParameters)
Creates a follow-up request to exchange a received authorization code for tokens, including the provided additional parameters.
-
getState
@Nullable public String getState()
- Specified by:
getState
in classAuthorizationManagementResponse
-
jsonSerialize
@NonNull public JSONObject jsonSerialize()
Produces a JSON representation of the authorization response for persistent storage or local transmission (e.g.between activities).
- Specified by:
jsonSerialize
in classAuthorizationManagementResponse
-
jsonDeserialize
@NonNull public static AuthorizationResponse jsonDeserialize(@NonNull JSONObject json) throws JSONException
Reads an authorization response from a JSON string representation produced byjsonSerialize()
.- Throws:
JSONException
- if the provided JSON does not match the expected structure.
-
jsonDeserialize
@NonNull public static AuthorizationResponse jsonDeserialize(@NonNull String jsonStr) throws JSONException
Reads an authorization request from a JSON string representation produced byAuthorizationManagementResponse.jsonSerializeString()
.This method is just a convenience wrapper for
jsonDeserialize(JSONObject)
, converting the JSON string to its JSON object form.- Throws:
JSONException
- if the provided JSON does not match the expected structure.
-
toIntent
@NonNull public Intent toIntent()
Produces an intent containing this authorization response.This is used to deliver the authorization response to the registered handler after a call to
AuthorizationService.performAuthorizationRequest(net.openid.appauth.AuthorizationRequest, android.app.PendingIntent)
.- Specified by:
toIntent
in classAuthorizationManagementResponse
-
fromIntent
@Nullable public static AuthorizationResponse fromIntent(@NonNull Intent dataIntent)
Extracts an authorization response from an intent produced bytoIntent()
.This is used to extract the response from the intent data passed to an activity registered as the handler for
AuthorizationService.performAuthorizationRequest(net.openid.appauth.AuthorizationRequest, android.app.PendingIntent)
.
-
-