Enum Class OpenIDAuthenticators.OAuthFlow

java.lang.Object
java.lang.Enum<OpenIDAuthenticators.OAuthFlow>
com.ocient.auth.OpenIDAuthenticators.OAuthFlow
All Implemented Interfaces:
Serializable, Comparable<OpenIDAuthenticators.OAuthFlow>, Constable
Enclosing class:
OpenIDAuthenticators

public static enum OpenIDAuthenticators.OAuthFlow extends Enum<OpenIDAuthenticators.OAuthFlow>
  • Enum Constant Details

    • AUTHORIZATION_CODE

      public static final OpenIDAuthenticators.OAuthFlow AUTHORIZATION_CODE
      The Authorization Code grant type is used by public clients with access to a web browser to exchange an authorization code for an access token. After the user returns to the client via the redirect URL, the application will get the authorization code from the URL and use it to request an access token.

      Note: The implementation uses the PKCE extension to this flow, but PKCE is omitted from the sequence diagram below.

                                        +---------+                         +---------+                      +-----------------------+
                                        | Client  |                         | Server  |                      | Authorization_Server  |
                                        +---------+                         +---------+                      +-----------------------+
                                             |                                   |                                       |
                                             | Fetch Authenticators for db       |                                       |
                                             |---------------------------------->|                                       |
                                             |                                   |                                       |
                                             |                  (Authenticators) |                                       |
                                             |<----------------------------------|                                       |
       ------------------------------------\ |                                   |                                       |
       | Opens web browser on host machine |‑|                                   |                                       |
       |-----------------------------------| |                                   |                                       |
                                             |                                   |                                       |
                                             | Direct User to Authorization Server login                                 |
                                             |-------------------------------------------------------------------------->|
                                             |                                   |                                       | ---------------------------------------\
                                             |                                   |                                       |‑| User completes authorization request |
                                             |                                   |                                       | |--------------------------------------|
                                             |                                   |                                       |
                                             |                                   |                  (authorization_code) |
                                             |<--------------------------------------------------------------------------|
                                             |                                   |                                       |
                                             | Exchange authorization_code for tokens                                    |
                                             |-------------------------------------------------------------------------->|
                                             |                                   |                                       |
                                             |                                   |          (id, access, refresh tokens) |
                                             |<--------------------------------------------------------------------------|
                                             |                                   |                                       |
                                             | GCM (id, access, refresh tokens)  |                                       |
                                             |---------------------------------->|                                       |
                                             |                                   | --------------------------\           |
                                             |                                   |-| Server validates tokens |           |
                                             |                                   | |-------------------------|           |
                                             |                                   |                                       |
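
The PKCE step that the diagram leaves out, as an added example (not the driver's own code): the client sends an S256 `code_challenge` with the authorization request and the matching `code_verifier` with the code exchange, as defined in RFC 7636. The class and method names are hypothetical; the fixed verifier and challenge are the RFC 7636 Appendix B test vector.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;

public final class PkceExample {
    private static final Base64.Encoder B64URL = Base64.getUrlEncoder().withoutPadding();

    /** RFC 7636 section 4.1: 32 random octets give a 43-character verifier. */
    static String newCodeVerifier() {
        byte[] octets = new byte[32];
        new SecureRandom().nextBytes(octets);
        return B64URL.encodeToString(octets);
    }

    /** RFC 7636 section 4.2: BASE64URL(SHA256(ASCII(code_verifier))), no padding. */
    static String s256Challenge(String verifier) throws Exception {
        byte[] hash = MessageDigest.getInstance("SHA-256")
                .digest(verifier.getBytes(StandardCharsets.US_ASCII));
        return B64URL.encodeToString(hash);
    }

    /** Token-endpoint check: the presented verifier must hash to the stored challenge. */
    static boolean serverAccepts(String storedChallenge, String presentedVerifier) throws Exception {
        return MessageDigest.isEqual(
                storedChallenge.getBytes(StandardCharsets.US_ASCII),
                s256Challenge(presentedVerifier).getBytes(StandardCharsets.US_ASCII));
    }

    public static void main(String[] args) throws Exception {
        // Test vector from RFC 7636 Appendix B.
        String rfcVerifier = "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk";
        String rfcChallenge = "E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw_cM";
        if (!s256Challenge(rfcVerifier).equals(rfcChallenge)) {
            throw new AssertionError("S256 transform does not match RFC 7636");
        }

        String verifier = newCodeVerifier();         // kept in memory by the client
        String challenge = s256Challenge(verifier);  // sent with the authorization request
        System.out.println("code_challenge_method=S256&code_challenge=" + challenge);

        // The client that started the flow redeems the code with its own verifier.
        System.out.println("original client accepted: " + serverAccepts(challenge, verifier));
        // A party holding only the authorization_code has no matching verifier.
        System.out.println("other verifier accepted:  " + serverAccepts(challenge, newCodeVerifier()));
    }
}
```

Because the authorization server stores only the challenge, an authorization code taken from the redirect URL cannot be redeemed without the verifier held by the client that started the flow.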
      
       
       
    • DEVICE_GRANT

      public static final OpenIDAuthenticators.OAuthFlow DEVICE_GRANT
      The OAuth 2.0 “Device Flow” extension enables OAuth on devices that have an Internet connection but don’t have a browser or an easy way to enter text. If you’ve ever signed in to your YouTube account on a device such as the Apple TV, you’ve encountered this workflow already. Google was involved in the development of this extension, and has been an early implementer of it in production as well.

      This flow is also seen on devices such as smart TVs, media consoles, picture frames, printers, or hardware video encoders. In this flow, the device instructs the user to open a URL on a secondary device such as a smartphone or computer in order to complete the authorization. There is no communication channel required between the client that initiates the request and the secondary device where the user completes the authorization request.

                                                   +---------+                         +---------+                      +-----------------------+                                           +-------+
                                                   | Client  |                         | Server  |                      | Authorization_Server  |                                           | User  |
                                                   +---------+                         +---------+                      +-----------------------+                                           +-------+
                                                        |                                   |                                       |                                                           |
                                                        | Fetch Authenticators for db       |                                       |                                                           |
                                                        |---------------------------------->|                                       |                                                           |
                                                        |                                   |                                       |                                                           |
                                                        |                  (Authenticators) |                                       |                                                           |
                                                        |<----------------------------------|                                       |                                                           |
                                                        |                                   |                                       |                                                           |
                                                        | Request device verification code  |                                       |                                                           |
                                                        |-------------------------------------------------------------------------->|                                                           |
                                                        |                                   |                                       |                                                           |
                                                        |                                (device_code, user_code, verification_uri) |                                                           |
                                                        |<--------------------------------------------------------------------------|                                                           |
       -----------------------------------------------\ |                                   |                                       |                                                           |
       | Display user_code & verification_uri to User |‑|                                   |                                       |                                                           |
       |----------------------------------------------| |                                   |                                       |                                                           |
                                                        |                                   |                                       |                                                           |
                                                        |                                   |                                       |     User completes authorization request on second device |
                                                        |                                   |                                       |<----------------------------------------------------------|
                                                        |                                   |                                       |                                                           |
                                                        | Poll Token Endpoint for authorization response                            |                                                           |
                                                        |-------------------------------------------------------------------------->|                                                           |
                                                        |                                   |                                       |                                                           |
                                                        |                                   |          (id, access, refresh tokens) |                                                           |
                                                        |<--------------------------------------------------------------------------|                                                           |
                                                        |                                   |                                       |                                                           |
                                                        | GCM (id, access, refresh tokens)  |                                       |                                                           |
                                                        |---------------------------------->|                                       |                                                           |
                                                        |                                   | --------------------------\           |                                                           |
                                                        |                                   |-| Server validates tokens |           |                                                           |
                                                        |                                   | |-------------------------|           |                                                           |
                                                        |                                   |                                       |                                                           |
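
The "Poll Token Endpoint" step above, as an added example (not the driver's own code): the client-side decision logic from RFC 8628 section 3.5, run over constructed token-endpoint replies instead of real HTTP calls. The class, record and method names are hypothetical; the example assumes Java 17.

```java
import java.util.ArrayList;
import java.util.List;

public final class DevicePollExample {
    enum Outcome { TOKENS_ISSUED, DENIED, EXPIRED, FAILED }

    record Result(Outcome outcome, List<Integer> waitsSeconds) {}

    /**
     * Applies the RFC 8628 section 3.5 polling rules to constructed replies.
     * Each reply is the token endpoint's "error" value; "" stands for success.
     */
    static Result poll(List<String> replies, int intervalSeconds, int expiresInSeconds) {
        List<Integer> waits = new ArrayList<>();
        int interval = intervalSeconds;
        int elapsed = 0;
        for (String error : replies) {
            elapsed += interval;
            if (elapsed > expiresInSeconds) {
                break;                       // device_code lifetime is over: stop polling
            }
            waits.add(interval);             // a real client sleeps this long, then POSTs
            switch (error) {
                case "" -> { return new Result(Outcome.TOKENS_ISSUED, waits); }
                case "authorization_pending" -> { }   // user has not finished yet
                case "slow_down" -> interval += 5;    // add 5 s for all later requests
                case "access_denied" -> { return new Result(Outcome.DENIED, waits); }
                case "expired_token" -> { return new Result(Outcome.EXPIRED, waits); }
                default -> { return new Result(Outcome.FAILED, waits); }
            }
        }
        // Lifetime exceeded (or the constructed replies ran out): treat as expired.
        return new Result(Outcome.EXPIRED, waits);
    }

    public static void main(String[] args) {
        // Constructed reply sequences, not captured from a real authorization server.
        System.out.println(poll(List.of("authorization_pending", "slow_down",
                "authorization_pending", ""), 5, 600));
        System.out.println(poll(List.of("authorization_pending", "access_denied"), 5, 600));
        System.out.println(poll(List.of("authorization_pending", "authorization_pending"), 5, 8));
    }
}
```

Bounding the loop by the `expires_in` lifetime and stopping on `access_denied` keeps a client from polling indefinitely for a `device_code` the user never approved.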
       
       
  • Method Details

    • values

      public static OpenIDAuthenticators.OAuthFlow[] values()
      Returns an array containing the constants of this enum class, in the order they are declared.
      Returns:
      an array containing the constants of this enum class, in the order they are declared
    • valueOf

      public static OpenIDAuthenticators.OAuthFlow valueOf(String name)
      Returns the enum constant of this class with the specified name. The string must match exactly an identifier used to declare an enum constant in this class. (Extraneous whitespace characters are not permitted.)
      Parameters:
      name - the name of the enum constant to be returned.
      Returns:
      the enum constant with the specified name
      Throws:
      IllegalArgumentException - if this enum class has no constant with the specified name
      NullPointerException - if the argument is null
    • key

      public String key()