Package com.ocient.auth

Class OpenIDAuthenticators.AuthorizationCodeWithPKCEClient

java.lang.Object

com.ocient.auth.OpenIDAuthenticators.AuthorizationCodeWithPKCEClient

All Implemented Interfaces:

Closeable, AutoCloseable

Enclosing class:

OpenIDAuthenticators

public static class OpenIDAuthenticators.AuthorizationCodeWithPKCEClient
extends Object
implements Closeable

The PKCE-enhanced Authorization Code Flow introduces a secret created by the calling application that can be verified by the authorization server; this secret is called the Code Verifier. Additionally, the calling app creates a transform value of the Code Verifier called the Code Challenge and sends this value over HTTPS to retrieve an Authorization Code. This way, a malicious attacker can only intercept the Authorization Code, and they cannot exchange it for a token without the Code Verifier.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	OpenIDAuthenticators.AuthorizationCodeWithPKCEClient.AuthorizationCodeGrant<T extends Token>	The authorization code is obtained by using an authorization server as an intermediary between the client and resource owner.

Constructor Summary

Constructors

Constructor	Description
AuthorizationCodeWithPKCEClient(String host, int port, boolean debugMode, boolean SSLCallback, boolean acceptSelfSignedCerts)

Method Summary

Modifier and Type	Method	Description
void	close()
OpenIDAuthenticators.AuthorizationCodeWithPKCEClient.AuthorizationCodeGrant<OpenIDAuthenticators.OAuthToken>	create(ClientWireProtocol.OpenIDAuthenticator authenticator)
OpenIDAuthenticators.AuthorizationCodeWithPKCEClient.AuthorizationCodeGrant<OpenIDAuthenticators.OAuthToken>	create(ClientWireProtocol.OpenIDAuthenticator authenticator, Map<String,String> additionalParameters)	Begins the OAuth 2.0 Authorization Code w/ PKCE Flow
void	start()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

AuthorizationCodeWithPKCEClient

public AuthorizationCodeWithPKCEClient(String host,
 int port,
 boolean debugMode,
 boolean SSLCallback,
 boolean acceptSelfSignedCerts)

Method Details

start

public void start()

close

public void close()

Specified by:

close in interface AutoCloseable

Specified by:

close in interface Closeable

create

public OpenIDAuthenticators.AuthorizationCodeWithPKCEClient.AuthorizationCodeGrant<OpenIDAuthenticators.OAuthToken> create(ClientWireProtocol.OpenIDAuthenticator authenticator)
                                                                                                                    throws KeyManagementException,
NoSuchAlgorithmException,
KeyStoreException,
IOException

Throws:

KeyManagementException

NoSuchAlgorithmException

KeyStoreException

IOException

create

public OpenIDAuthenticators.AuthorizationCodeWithPKCEClient.AuthorizationCodeGrant<OpenIDAuthenticators.OAuthToken> create(ClientWireProtocol.OpenIDAuthenticator authenticator,
 Map<String,String> additionalParameters)
                                                                                                                    throws NoSuchAlgorithmException,
KeyManagementException,
KeyStoreException,
IOException

Begins the OAuth 2.0 Authorization Code w/ PKCE Flow

Parameters:

authenticator - the Authorization Server

Returns:

an OpenIDAuthenticators.AuthorizationCodeWithPKCEClient.AuthorizationCodeGrant

Throws:

NoSuchAlgorithmException

IOException

KeyStoreException

KeyManagementException