Examples of OAuth2CodeGrantFlow

org.glassfish.jersey.client.oauth2.OAuth2CodeGrantFlow
The interface that defines OAuth 2 Authorization Code Grant Flow.
The implementation of this interface is capable of performing of the user authorization defined in the OAuth2 specification as "Authorization Code Grant Flow" (OAuth 2 spec defines more Authorization Flows). The result of the authorization is the {@link TokenResult}. The implementation starts the authorization process by construction of a redirect URI to which the user should be redirected (the URI points to authorization consent page hosted by Service Provider). The user grants an access using this page. Service Provider redirects the user back to the our server and the authorization process is finished using the same instance of the interface implementation.

To perform the authorization follow these steps:
Get the instance of this interface using {@link OAuth2ClientSupport}.
Call {@link #start()} method. The method returns redirection uri as a String.
Redirect the user to the redirect URI returned from the {@code start} method. If your application deploymentdoes not allow redirection (for example the app is a console application), then provide the redirection URI to the user in other ways.
User should authorize your application on the redirect URI.
After authorization the Authorization Server redirects the user back to the URI specified by {@link OAuth2CodeGrantFlow.Builder#redirectUri(String)} and provide the {@code code} and {@code state} asa request query parameter. Extract these parameter from the request. If your deployment does not support redirection (your app is not a web server) then Authorization Server will provide the user with {@code code} in other ways (for example display on the html page). You need to getthis code from the user. The {@code state} parameter is added to the redirect URI in the {@code start} method andand the same parameter should be returned from the authorization response as a protection against CSRF attacks.
Use the {@code code} and {@code state} to finish the authorization process by calling the method{@link #finish(String,String)} supplying the {@code code} and the {@code state} parameter. The method will internally requestthe access token from the Authorization Server and return it.
You can use access token from {@code TokenResult} together with {@link ClientIdentifier} toperform the authenticated requests to the Service Provider. You can also call methods {@link #getAuthorizedClient()} to get {@link Client client} already configured with supportfor authentication from consumer credentials and access token received during authorization process.

Important note: one instance of the interface can be used only for one authorization process. The methods must be called exactly in the order specified by the list above. Therefore the instance is also not thread safe and no concurrent access is expected.

Instance must be stored between method calls (between {@code start} and {@code finish}) for one user authorization process as the instance keeps internal state of the authorization process.

Examples of org.glassfish.jersey.client.oauth2.OAuth2CodeGrantFlow

    public Response getTasks() {
        if (SimpleOAuthService.getAccessToken() == null) {
            final String redirectURI = UriBuilder.fromUri(uriInfo.getBaseUri())
                    .path("oauth2/authorize").build().toString();


            final OAuth2CodeGrantFlow flow = OAuth2ClientSupport.googleFlowBuilder(
                    SimpleOAuthService.getClientIdentifier(),
                    redirectURI,
                    "https://www.googleapis.com/auth/tasks.readonly")
                    .prompt(OAuth2FlowGoogleBuilder.Prompt.CONSENT).build();


            SimpleOAuthService.setFlow(flow);


            // start the flow
            final String googleAuthURI = flow.start();


            // redirect user to Google Authorization URI.
            return Response.seeOther(UriBuilder.fromUri(googleAuthURI).build()).build();
        }
        // We have already an access token. Query the data from Google API.

Examples of org.glassfish.jersey.client.oauth2.OAuth2CodeGrantFlow

    private UriInfo uriInfo;


    @GET
    @Path("authorize")
    public Response authorize(@QueryParam("code") String code, @QueryParam("state") String state) {
        final OAuth2CodeGrantFlow flow = SimpleOAuthService.getFlow();


        final TokenResult tokenResult = flow.finish(code, state);


        SimpleOAuthService.setAccessToken(tokenResult.getAccessToken());


        // authorization is finished -> now redirect back to the task resource
        final URI uri = UriBuilder.fromUri(uriInfo.getBaseUri()).path("tasks").build();

Examples of org.glassfish.jersey.client.oauth2.OAuth2CodeGrantFlow

            });
        }


        final OAuth2CodeGrantFlow.Builder builder =
                OAuth2ClientSupport.authorizationCodeGrantFlowBuilder(clientId, authUri, accessTokenUri);
        final OAuth2CodeGrantFlow flow = builder
                .client(client)
                .refreshTokenUri(refreshTokenUri)
                .property(OAuth2CodeGrantFlow.Phase.AUTHORIZATION, "readOnly", "true")
                .property(OAuth2CodeGrantFlow.Phase.AUTHORIZATION, OAuth2Parameters.STATE, state)
                .scope("contact")
                .build();
        final String finalAuthorizationUri = flow.start();


        final Response response = ClientBuilder.newClient().target(finalAuthorizationUri).request().get();
        assertEquals(200, response.getStatus());


        final String code = response.readEntity(String.class);
        assertEquals(CODE, code);


        final TokenResult result = flow.finish(code, state);
        assertEquals("access-token-aab999f", result.getAccessToken());
        assertEquals(new Long(3600), result.getExpiresIn());
        assertEquals("access-token", result.getTokenType());


        final TokenResult refreshResult = flow.refreshAccessToken(result.getRefreshToken());
        assertEquals("access-token-new", refreshResult.getAccessToken());
        assertEquals(new Long(3600), refreshResult.getExpiresIn());
        assertEquals("access-token", refreshResult.getTokenType());


        if (isArray) {