Package com.ocient.auth

Class OpenIDAuthenticators.AuthorizationCodeWithPKCEClient

java.lang.Object

com.ocient.auth.OpenIDAuthenticators.AuthorizationCodeWithPKCEClient

All Implemented Interfaces:

Closeable, AutoCloseable

Enclosing class:

OpenIDAuthenticators

public static class OpenIDAuthenticators.AuthorizationCodeWithPKCEClient
extends Object
implements Closeable

The PKCE-enhanced Authorization Code Flow introduces a secret created by the calling application that can be verified by the authorization server; this secret is called the Code Verifier. Additionally, the calling app creates a transform value of the Code Verifier called the Code Challenge and sends this value over HTTPS to retrieve an Authorization Code. This way, a malicious attacker can only intercept the Authorization Code, and they cannot exchange it for a token without the Code Verifier.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	OpenIDAuthenticators.AuthorizationCodeWithPKCEClient.AuthorizationCodeGrant<T extends Token>	The authorization code is obtained by using an authorization server as an intermediary between the client and resource owner.

Constructor Summary

Constructors

Constructor	Description
AuthorizationCodeWithPKCEClient(String host, int port, boolean debugMode)

Method Summary

Modifier and Type	Method	Description
void	close()	Stops the server, waiting up to 10 seconds for running requests to complete
OpenIDAuthenticators.AuthorizationCodeWithPKCEClient.AuthorizationCodeGrant<OpenIDAuthenticators.OAuthToken>	create(ClientWireProtocol.OpenIDAuthenticator authenticator)
OpenIDAuthenticators.AuthorizationCodeWithPKCEClient.AuthorizationCodeGrant<OpenIDAuthenticators.OAuthToken>	create(ClientWireProtocol.OpenIDAuthenticator authenticator, Map<String,String> additionalParameters)	Begins the OAuth 2.0 Authorization Code w/ PKCE Flow
void	start()	Binds the server to the port provided to the constructor

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

AuthorizationCodeWithPKCEClient

public AuthorizationCodeWithPKCEClient(String host, int port, boolean debugMode)

Method Details

start

public void start() throws IOException

Binds the server to the port provided to the constructor

Throws:

IOException

close

public void close()

Stops the server, waiting up to 10 seconds for running requests to complete

Specified by:

close in interface AutoCloseable

Specified by:

close in interface Closeable

create

public OpenIDAuthenticators.AuthorizationCodeWithPKCEClient.AuthorizationCodeGrant<OpenIDAuthenticators.OAuthToken> create(ClientWireProtocol.OpenIDAuthenticator authenticator) throws Exception

Throws:

Exception

create

public OpenIDAuthenticators.AuthorizationCodeWithPKCEClient.AuthorizationCodeGrant<OpenIDAuthenticators.OAuthToken> create(ClientWireProtocol.OpenIDAuthenticator authenticator, Map<String,String> additionalParameters) throws Exception

Begins the OAuth 2.0 Authorization Code w/ PKCE Flow

Parameters:

authenticator - the Authorization Server

Returns:

an OpenIDAuthenticators.AuthorizationCodeWithPKCEClient.AuthorizationCodeGrant

Throws:

Exception - when any exception occurs