Package net.openid.appauth

Class AuthorizationResponse

java.lang.Object

net.openid.appauth.AuthorizationManagementResponse

net.openid.appauth.AuthorizationResponse

public class AuthorizationResponse
extends AuthorizationManagementResponse

A response to an authorization request.

See Also:

AuthorizationRequest, “The OAuth 2.0 Authorization Framework (RFC 6749), Section 4.1.2 https://tools.ietf.org/html/rfc6749#section-4.1.2”

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	AuthorizationResponse.Builder	Creates instances of AuthorizationResponse.

Field Summary

Fields

Modifier and Type	Field	Description
String	accessToken	The access token retrieved as part of the authorization flow.
Long	accessTokenExpirationTime	The approximate expiration time of the access token, as milliseconds from the UNIX epoch.
Map<String,String>	additionalParameters	The additional, non-standard parameters in the response.
String	authorizationCode	The authorization code generated by the authorization server.
static String	EXTRA_RESPONSE	The extra string used to store an AuthorizationResponse in an intent by toIntent().
String	idToken	The id token retrieved as part of the authorization flow.
AuthorizationRequest	request	The authorization request associated with this response.
String	scope	The scope of the returned access token.
String	state	The returned state parameter, which must match the value specified in the request.
static String	TOKEN_TYPE_BEARER	Indicates that a provided access token is a bearer token.
String	tokenType	The type of the retrieved token.

Method Summary

Modifier and Type	Method	Description
TokenRequest	createTokenExchangeRequest()	Creates a follow-up request to exchange a received authorization code for tokens.
TokenRequest	createTokenExchangeRequest(Map<String,String> additionalExchangeParameters)	Creates a follow-up request to exchange a received authorization code for tokens, including the provided additional parameters.
static AuthorizationResponse	fromIntent(Intent dataIntent)	Extracts an authorization response from an intent produced by toIntent().
Set<String>	getScopeSet()	Derives the set of scopes from the consolidated, space-delimited scopes in the scope field.
String	getState()
boolean	hasAccessTokenExpired()	Determines whether the returned access token has expired.
static AuthorizationResponse	jsonDeserialize(String jsonStr)	Reads an authorization request from a JSON string representation produced by AuthorizationManagementResponse.jsonSerializeString().
static AuthorizationResponse	jsonDeserialize(JSONObject json)	Reads an authorization response from a JSON string representation produced by jsonSerialize().
JSONObject	jsonSerialize()	Produces a JSON representation of the authorization response for persistent storage or local transmission (e.g.
Intent	toIntent()	Produces an intent containing this authorization response.

Methods inherited from class net.openid.appauth.AuthorizationManagementResponse

jsonSerializeString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

EXTRA_RESPONSE

public static final String EXTRA_RESPONSE

The extra string used to store an AuthorizationResponse in an intent by toIntent().

See Also:

Constant Field Values

TOKEN_TYPE_BEARER

public static final String TOKEN_TYPE_BEARER

Indicates that a provided access token is a bearer token.

See Also:

“The OAuth 2.0 Authorization Framework (RFC 6749), Section 7.1 https://tools.ietf.org/html/rfc6749#section-7.1”, Constant Field Values

request

@NonNull
public final AuthorizationRequest request

The authorization request associated with this response.

state

@Nullable
public final String state

The returned state parameter, which must match the value specified in the request.

AppAuth for Android ensures that this is the case.

tokenType

@Nullable
public final String tokenType

The type of the retrieved token.

Typically this is “Bearer” when present. Otherwise, another token_type value that the Client has negotiated with the Authorization Server.

See Also:

“OpenID Connect Core 1.0, Section 3.2.2.5 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.2.2.5”

authorizationCode

@Nullable
public final String authorizationCode

The authorization code generated by the authorization server.

Set when the response_type requested includes ‘code’.

accessToken

@Nullable
public final String accessToken

The access token retrieved as part of the authorization flow.

This is available when the response_type of the request included ‘token’.

See Also:

“OpenID Connect Core 1.0, Section 3.2.2.5 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.2.2.5”

accessTokenExpirationTime

@Nullable
public final Long accessTokenExpirationTime

The approximate expiration time of the access token, as milliseconds from the UNIX epoch.

Set when the requested response_type included ‘token’.

See Also:

“OpenID Connect Core 1.0, Section 3.2.2.5 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.2.2.5”

idToken

@Nullable
public final String idToken

The id token retrieved as part of the authorization flow.

This is available when the response_type of the request included ‘id_token’.

See Also:

“OpenID Connect Core 1.0, Section 2 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.2”, “OpenID Connect Core 1.0, Section 3.2.2.5 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.2.2.5”

scope

@Nullable
public final String scope

The scope of the returned access token.

If this is not specified, the scope is assumed to be the same as what was originally requested.

additionalParameters

@NonNull
public final Map<String,String> additionalParameters

The additional, non-standard parameters in the response.

Method Detail

hasAccessTokenExpired

public boolean hasAccessTokenExpired()

Determines whether the returned access token has expired.

getScopeSet

@Nullable
public Set<String> getScopeSet()

Derives the set of scopes from the consolidated, space-delimited scopes in the scope field.

If no scopes were specified on this response, the method will return null.

createTokenExchangeRequest

@NonNull
public TokenRequest createTokenExchangeRequest()

Creates a follow-up request to exchange a received authorization code for tokens.

createTokenExchangeRequest

@NonNull
public TokenRequest createTokenExchangeRequest(@NonNull
                                               Map<String,String> additionalExchangeParameters)

Creates a follow-up request to exchange a received authorization code for tokens, including the provided additional parameters.

getState

@Nullable
public String getState()

Specified by:

getState in class AuthorizationManagementResponse

jsonSerialize

@NonNull
public JSONObject jsonSerialize()

Produces a JSON representation of the authorization response for persistent storage or local transmission (e.g.

between activities).

Specified by:

jsonSerialize in class AuthorizationManagementResponse

jsonDeserialize

@NonNull
public static AuthorizationResponse jsonDeserialize(@NonNull
                                                    JSONObject json)
                                             throws JSONException

Reads an authorization response from a JSON string representation produced by jsonSerialize().

Throws:

JSONException - if the provided JSON does not match the expected structure.

jsonDeserialize

@NonNull
public static AuthorizationResponse jsonDeserialize(@NonNull
                                                    String jsonStr)
                                             throws JSONException

Reads an authorization request from a JSON string representation produced by AuthorizationManagementResponse.jsonSerializeString().

This method is just a convenience wrapper for jsonDeserialize(JSONObject), converting the JSON string to its JSON object form.

Throws:

JSONException - if the provided JSON does not match the expected structure.

toIntent

@NonNull
public Intent toIntent()

Produces an intent containing this authorization response.

This is used to deliver the authorization response to the registered handler after a call to AuthorizationService.performAuthorizationRequest(net.openid.appauth.AuthorizationRequest, android.app.PendingIntent).

Specified by:

toIntent in class AuthorizationManagementResponse

fromIntent

@Nullable
public static AuthorizationResponse fromIntent(@NonNull
                                               Intent dataIntent)

Extracts an authorization response from an intent produced by toIntent().

This is used to extract the response from the intent data passed to an activity registered as the handler for AuthorizationService.performAuthorizationRequest(net.openid.appauth.AuthorizationRequest, android.app.PendingIntent).