Package com.ocient.auth

Class OktaAuthenticators.OktaNativeSSOClient

java.lang.Object

com.ocient.auth.OktaAuthenticators.OktaNativeSSOClient

Enclosing class:

OktaAuthenticators

public static class OktaAuthenticators.OktaNativeSSOClient
extends Object

From https://developer.okta.com/docs/guides/configure-native-sso/main

Native SSO allows you to protect native OpenID Connect applications, such as desktop apps and mobile apps, and achieve Single Sign-On (SSO) and Single Logout (SLO) between these applications. SSO between browser-based web applications is achieved by leveraging shared cookies. Unlike web applications, native applications can't use web cookies. Okta offers a token-based approach to achieve SSO between native applications. See OpenID Connect and OAuth 2.0 API for more information on the OAuth 2.0 and OpenID Connect endpoints.

Constructor Summary

Constructors

Constructor	Description
OktaNativeSSOClient()

Method Summary

Modifier and Type	Method	Description
static OpenIDAuthenticators.AuthorizationCodeWithPKCEClient.AuthorizationCodeGrant<OktaAuthenticators.OktaNativeSSOToken>	createAuthorizationCodeGrant(OpenIDAuthenticators.AuthorizationCodeWithPKCEClient client, ClientWireProtocol.OpenIDAuthenticator authenticator)	Returns a OpenIDAuthenticators.AuthorizationCodeWithPKCEClient.AuthorizationCodeGrant that yields an OktaAuthenticators.OktaNativeSSOToken on authorization success.
static OpenIDAuthenticators.DeviceAuthorizationGrant<OktaAuthenticators.OktaNativeSSOToken>	createDeviceAuthorizationGrant(ClientWireProtocol.OpenIDAuthenticator authenticator)	Returns a OpenIDAuthenticators.DeviceAuthorizationGrant that yields an OktaAuthenticators.OktaNativeSSOToken on authorization success.
static OpenIDAuthenticators.OAuthToken	exchangeForOAuthToken(OktaAuthenticators.OktaNativeSSOToken oktaToken)	Sends a request to the /token endpoint for the Authorization Server that issued this device token.
static void	revoke(OktaAuthenticators.OktaNativeSSOToken oktaToken)	Sends a request to the /revoke endpoint for the Authorization Server that issued this device token.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

OktaNativeSSOClient

public OktaNativeSSOClient()

Method Details

createAuthorizationCodeGrant

public static OpenIDAuthenticators.AuthorizationCodeWithPKCEClient.AuthorizationCodeGrant<OktaAuthenticators.OktaNativeSSOToken> createAuthorizationCodeGrant(OpenIDAuthenticators.AuthorizationCodeWithPKCEClient client,
 ClientWireProtocol.OpenIDAuthenticator authenticator)
                                                                                                                                                       throws AuthException,
KeyManagementException,
UnsupportedEncodingException,
MalformedURLException,
NoSuchAlgorithmException,
KeyStoreException,
IOException

Returns a OpenIDAuthenticators.AuthorizationCodeWithPKCEClient.AuthorizationCodeGrant that yields an OktaAuthenticators.OktaNativeSSOToken on authorization success.

Parameters:

client - an instance of OpenIDAuthenticators.AuthorizationCodeWithPKCEClient

authenticator - the Authorization Server

Returns:

OpenIDAuthenticators.AuthorizationCodeWithPKCEClient.AuthorizationCodeGrant

Throws:

AuthException

IOException

KeyStoreException

NoSuchAlgorithmException

MalformedURLException

UnsupportedEncodingException

KeyManagementException

createDeviceAuthorizationGrant

public static OpenIDAuthenticators.DeviceAuthorizationGrant<OktaAuthenticators.OktaNativeSSOToken> createDeviceAuthorizationGrant(ClientWireProtocol.OpenIDAuthenticator authenticator)
                                                                                                                           throws AuthException,
KeyManagementException,
MalformedURLException,
NoSuchAlgorithmException,
KeyStoreException,
IOException,
TimeoutException

Returns a OpenIDAuthenticators.DeviceAuthorizationGrant that yields an OktaAuthenticators.OktaNativeSSOToken on authorization success.

Parameters:

authenticator - the Authorization Server

Returns:

OpenIDAuthenticators.DeviceAuthorizationGrant

Throws:

AuthException

IOException

KeyStoreException

NoSuchAlgorithmException

MalformedURLException

KeyManagementException

TimeoutException

exchangeForOAuthToken

public static OpenIDAuthenticators.OAuthToken exchangeForOAuthToken(OktaAuthenticators.OktaNativeSSOToken oktaToken)
                                                             throws KeyManagementException,
MalformedURLException,
NoSuchAlgorithmException,
KeyStoreException,
IOException

Sends a request to the /token endpoint for the Authorization Server that issued this device token. The token request uses the device secret to obtain a new set of id, access and refresh tokens from the Authorization Server.

Parameters:

oktaToken - the OktaAuthenticators.OktaNativeSSOToken

Returns:

an OpenIDAuthenticators.OAuthToken

Throws:

IOException

KeyStoreException

NoSuchAlgorithmException

MalformedURLException

KeyManagementException

revoke

public static void revoke(OktaAuthenticators.OktaNativeSSOToken oktaToken)
                   throws KeyManagementException,
MalformedURLException,
NoSuchAlgorithmException,
KeyStoreException,
IOException

Sends a request to the /revoke endpoint for the Authorization Server that issued this device token. The revoke request signs the user out from all of the apps that are a part of the Native SSO flow.

Parameters:

oktaToken - the OktaAuthenticators.OktaNativeSSOToken

Throws:

IOException

KeyStoreException

NoSuchAlgorithmException

MalformedURLException

KeyManagementException