org.springframework.social.oauth2

Interface OAuth2Operations

All Known Implementing Classes:

OAuth2Template

public interface OAuth2Operations

A service interface for the OAuth2 flow. This interface allows you to conduct the "OAuth dance" with a service provider on behalf of a user.

Author:

Keith Donald, Roy Clarkson

Method Summary

Modifier and Type	Method and Description
AccessGrant	authenticateClient() Retrieves the client access grant using OAuth 2 client password flow.
AccessGrant	authenticateClient(String scope) Retrieves the client access grant using OAuth 2 client password flow.
String	buildAuthenticateUrl(GrantType grantType, OAuth2Parameters parameters) Construct the URL to redirect the user to for authentication.
String	buildAuthorizeUrl(GrantType grantType, OAuth2Parameters parameters) Construct the URL to redirect the user to for authorization.
AccessGrant	exchangeCredentialsForAccess(String username, String password, org.springframework.util.MultiValueMap<String,String> additionalParameters) Exchanges user credentials for an access grant using OAuth2's Resource Owner Credentials Grant (aka, "password" grant).
AccessGrant	exchangeForAccess(String authorizationCode, String redirectUri, org.springframework.util.MultiValueMap<String,String> additionalParameters) Exchange the authorization code for an access grant.
AccessGrant	refreshAccess(String refreshToken, org.springframework.util.MultiValueMap<String,String> additionalParameters) Refreshes a previous access grant.
AccessGrant	refreshAccess(String refreshToken, String scope, org.springframework.util.MultiValueMap<String,String> additionalParameters) Deprecated. Set the scope via additional parameters. This can be done conveniently user OAuth2Parameters.

Method Detail

buildAuthorizeUrl

String buildAuthorizeUrl(GrantType grantType,
                         OAuth2Parameters parameters)

Construct the URL to redirect the user to for authorization.

Parameters:

grantType - specifies whether to use client-side or server-side OAuth flow

parameters - authorization parameters needed to build the URL

Returns:

the absolute authorize URL to redirect the user to for authorization

buildAuthenticateUrl

String buildAuthenticateUrl(GrantType grantType,
                            OAuth2Parameters parameters)

Construct the URL to redirect the user to for authentication. The authenticate URL differs from the authorizationUrl slightly in that it does not require the user to authorize the app multiple times. This provides a better user experience for "Sign in with Provider" scenarios.

Parameters:

grantType - specifies whether to use client-side or server-side OAuth flow

parameters - authorization parameters needed to build the URL

Returns:

the absolute authenticate URL to redirect the user to for authorization

exchangeForAccess

AccessGrant exchangeForAccess(String authorizationCode,
                              String redirectUri,
                              org.springframework.util.MultiValueMap<String,String> additionalParameters)

Exchange the authorization code for an access grant.

Parameters:

authorizationCode - the authorization code returned by the provider upon user authorization

redirectUri - the authorization callback url; this value must match the redirectUri registered with the provider

additionalParameters - any additional parameters to be sent when exchanging the authorization code for an access grant. Should not be encoded.

Returns:

the access grant.

exchangeCredentialsForAccess

AccessGrant exchangeCredentialsForAccess(String username,
                                         String password,
                                         org.springframework.util.MultiValueMap<String,String> additionalParameters)

Exchanges user credentials for an access grant using OAuth2's Resource Owner Credentials Grant (aka, "password" grant).

Parameters:

username - the user's username on the provider

password - the user's password on the provider

additionalParameters - any additional parameters to be sent when exchanging the credentials for an access grant. Should not be encoded.

Returns:

the access grant.

refreshAccess

@Deprecated
AccessGrant refreshAccess(String refreshToken,
                                      String scope,
                                      org.springframework.util.MultiValueMap<String,String> additionalParameters)

Deprecated. Set the scope via additional parameters. This can be done conveniently user OAuth2Parameters.

Refreshes a previous access grant.

Parameters:

refreshToken - the refresh token from the previous access grant.

scope - optional scope to narrow to when refreshing access; if null, the existing scope is preserved.

additionalParameters - any additional parameters to be sent when refreshing a previous access grant. Should not be encoded.

Returns:

the access grant.

refreshAccess

AccessGrant refreshAccess(String refreshToken,
                          org.springframework.util.MultiValueMap<String,String> additionalParameters)

Refreshes a previous access grant.

Parameters:

refreshToken - the refresh token from the previous access grant.

additionalParameters - any additional parameters to be sent when refreshing a previous access grant. Should not be encoded.

Returns:

the access grant.

authenticateClient

AccessGrant authenticateClient()

Retrieves the client access grant using OAuth 2 client password flow. This is an access grant that is based on the client id and password (a.k.a. client secret).

Returns:

the access grant of the client only (not user related)

authenticateClient

AccessGrant authenticateClient(String scope)

Retrieves the client access grant using OAuth 2 client password flow. This is an access grant that is based on the client id and password (a.k.a. client secret).

Parameters:

scope - optional scope to get for the access grant

Returns:

the access grant of the client only (not user related)