public interface OAuth1AuthorizationFlow
The implementation of this interface is capable of performing of the user
authorization defined in the OAuth1 specification. The result of the authorization
is the access token
. The user authorization is called also
Authorization Flow. The implementation initiates the authorization process with
the Authorization server, then provides redirect URI to which the user should
be redirected (the URI points to authorization consent page hosted by Service Provider). The user
grants an access using this page. Service Provider redirects the user back to the
our server and the authorization process is finished using the implementation.
To perform the authorization follow these steps:
OAuth1ClientSupport
.start()
method. The method returns redirection uri as a String. Note: the method internally
makes a request to the request token uri and gets Request Token which will be used for the authorization process.start
method. If your application deployment
does not allow redirection (for example the app is a console application), then provide the redirection URI
to the user in other ways.OAuth1Builder.FlowBuilder.callbackUri(String)
and provide the oauth_verifier
as
a request query parameter. Extract this parameter from the request. If your deployment does not support
redirection (your app is not a web server) then Authorization Server will provide the user with
verifier
in other ways (for example display on the html page). You need to get
this verifier from the user.verifier
to finish the authorization process by calling the method
finish(String)
supplying the verifier. The method will internally request
the access token from the Authorization Server and return it.AccessToken
together with ConsumerCredentials
to
perform the authenticated requests to the Service Provider. You can also call
methods getAuthorizedClient()
to get client
already configured with support
for authentication from consumer credentials and access token received during authorization process.
Important note: one instance of the interface can be used only for one authorization process. The methods must be called exactly in the order specified by the list above. Therefore the instance is also not thread safe and no concurrent access is expected.
Instance must be stored between method calls (betweenstart
and finish
)
for one user authorization process as the instance keeps
internal state of the authorization process.
Modifier and Type | Method and Description |
---|---|
AccessToken |
finish()
Finish the authorization process and return the
AccessToken . |
AccessToken |
finish(String verifier)
Finish the authorization process and return the
AccessToken . |
javax.ws.rs.client.Client |
getAuthorizedClient()
Return the client configured for performing authorized requests to the Service Provider.
|
javax.ws.rs.core.Feature |
getOAuth1Feature()
Return the
oauth filter feature that can be used to configure
client instances to perform authenticated requests to the Service Provider. |
String |
start()
Start the authorization process and return redirection URI on which the user should give a consent
for our application to access resources.
|
String start()
Note: the method makes a request to the Authorization Server in order to get request token.
AccessToken finish()
AccessToken
. The method must be called on the
same instance after the start()
method was called and user granted access to this application.
The method makes a request to the Authorization Server but does not exchange verifier for access token. This method is intended only for some flows/cases in OAuth1.
AccessToken finish(String verifier)
AccessToken
. The method must be called on the
same instance after the start()
method was called and user granted access to this application.
The method makes a request to the Authorization Server in order to exchange verifier for access token.
verifier
- Verifier provided from the user authorization.javax.ws.rs.client.Client getAuthorizedClient()
start()
and
finish(String)
.Authorization
header to requests.javax.ws.rs.core.Feature getOAuth1Feature()
oauth filter feature
that can be used to configure
client
instances to perform authenticated requests to the Service Provider.
The authorization process must be successfully finished by instance by calling methods start()
and
finish(String)
.
AccessToken
.Copyright © 2007-2015, Oracle and/or its affiliates. All Rights Reserved. Use is subject to license terms.