gappsv3

Class GOAuth2

java.lang.Object

gappsv3.GOAuth2

public class GOAuth2
extends Object

Class for authorization via Google OAuth 2.0. Two methods of authorization are available: 1. Authorization where the user copies the token from a webpage and pastes the token into some part of the parent BBj application. This method is ideal for BUI applications but also works with GUI applications.
2. Authorization where the user accepts permission from a spawned webpage, but a temporary local webserver recieves the token, so that the user is not involved in providing the intermediate code to the application.
OAuth authentication has the concept of scopes, which indicate what permissions the requesting application is asking for. Such permissions may include accessing the user email address, calendar, posting via their Google Plus profile, etc.
After an application first asks for permission for a given set of scopes, this class stores a cookie with the refresh token. In the future, when calls are made to getTokenFromCookie, this class quietly retrieves a new token from Google using the refresh token and uses that token for authentication.
In the context of GUI, cookies are stored in Java Preferences.

Field Summary

Fields

Modifier and Type	Field and Description
BBjString	CharacterEncoding! Character encoding for authentication requests.
BBjString	ClientIDProperty! applications using OAuth, this property can be overridden to look for a different property in BBj.properties.
BBjString	ClientSecretProperty! applications using OAuth, this property can be overridden to look for a different property in BBj.properties.
BBjNumber	CookieGroup! Specifies type of cookie.
BBjString	CookieRefreshTokenVariable! the cookie.
BBjString	CookieScopeVariable! Typically does not need to be modified.
BBjString	CookieTokenVariable! in the cookie.
BBjString	RedirectURL! URL or URI to which the authorization token will be sent.
BBjVector	Scopes! scopes for authorization.
BBjNumber	Timeout Authentication timeout in seconds.
BBjNumber	UsesLocalhostAuthentication Indicates whether this instance uses copy and paste token authentication or localhost authentication.

Method Summary

Modifier and Type	Method and Description
BBjString	getBearerTokenFromRefreshToken(BBjString refreshToken!) This method exchanges the refresh token for a bearer token.
static GOAuth2	getCopyPasteFromBrowserInstance() Create a GOAuth2 object for copy/paste authentication.
static GOAuth2	getRedirectToLocalHostInstance() Create a GOAuth2 object for localhost authentication.
BBjString	getRefreshToken() The authorization refresh token.
BBjString	getToken() The authorization token.
BBjString	getTokenFromCookie() permissions, submit the refresh token to get a new token from Google.
BBjNumber	leg1() Leg 1 constructs a permission request to send to Google, which then will obtain permission from the user.
void	leg3(BBjString code!) In Leg 3, the intermediate code is sent to Google in exchange for an authentication token.
BBjString	localhostleg2() Used only for locaalhost authentication, leg 2 looks for an intermediate code that's been sent to the local webserver.
void	revokeAccess() Revokes access of the application to the currently signed in user.
void	revokeAccess(BBjString token!) Revokes access of the current token!.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

CookieTokenVariable!

public BBjString CookieTokenVariable!

in the cookie. Typically does not need to be modified.

CookieScopeVariable!

public BBjString CookieScopeVariable!

Typically does not need to be modified.

CookieRefreshTokenVariable!

public BBjString CookieRefreshTokenVariable!

the cookie.

CookieGroup!

public BBjNumber CookieGroup!

Specifies type of cookie. (Session, etc.) default is null.

RedirectURL!

public BBjString RedirectURL!

URL or URI to which the authorization token will be sent.

Scopes!

public BBjVector Scopes!

scopes for authorization. Starts out as an empty vector.

ClientIDProperty!

public BBjString ClientIDProperty!

applications using OAuth, this property can be overridden to look for a different property in BBj.properties. Note: This is the name of the property for the client id, not the value of the client id itself. One should configure their application so it does not allow the user to drop to console. This way, they can not readily capture the client id.

ClientSecretProperty!

public BBjString ClientSecretProperty!

applications using OAuth, this property can be overridden to look for a different property in BBj.properties. Note: This is the name of the property for the client secret, not the value of the client secret itself. One should configure their application so it does not allow the user to drop to console. This way, they can not readily capture the client secret.

CharacterEncoding!

public BBjString CharacterEncoding!

Character encoding for authentication requests. Default is UTF-8.

Timeout

public BBjNumber Timeout

Authentication timeout in seconds. Default is 0, which means "forever."

UsesLocalhostAuthentication

public BBjNumber UsesLocalhostAuthentication

Indicates whether this instance uses copy and paste token authentication or localhost authentication. 0 = web page 1 = localhost

Method Detail

getRedirectToLocalHostInstance

public static GOAuth2 getRedirectToLocalHostInstance()

Create a GOAuth2 object for localhost authentication. This instance type automatically finds an unused port, runs a local webserver to receive the request and shuts the webserver down once the authentication token is received.

Returns:

A new GOAuth2 authentication object.

getCopyPasteFromBrowserInstance

public static GOAuth2 getCopyPasteFromBrowserInstance()

Create a GOAuth2 object for copy/paste authentication. This instance type redirects to a page containing the intermediate code value and depends on the user to paste the intermediate code somewhere within the calling application. The calling application then needs to pass the code onto Google to get the authentication token.

Returns:

A new GOAuth2 authentication object.

getTokenFromCookie

public BBjString getTokenFromCookie()

permissions, submit the refresh token to get a new token from Google.

Returns:

A BBjString containing the token if available or null() if not available.

leg1

public BBjNumber leg1()

Leg 1 constructs a permission request to send to Google, which then will obtain permission from the user. The end result if the user gives permission is an intermediate code value.

Returns:

BBjNumber indicating whether this leg is connecting to the web for authorization.
0 (false) indicates we already had a token and did not connect. 1 (true) indicates we connected in order to obtain a code to get a token.

localhostleg2

public BBjString localhostleg2()

Used only for locaalhost authentication, leg 2 looks for an intermediate code that's been sent to the local webserver. (The local webserver is spawned by GOAuth2 -- It won't check for your own local webserver.)

Throws:

!ERROR - = 254 when authorization times out.

!ERROR - = 254 when an authorization error occurs.

leg3

public void leg3(BBjString code!)

In Leg 3, the intermediate code is sent to Google in exchange for an authentication token. Obtaining the authentication token is the end goal of this class.

getToken

public BBjString getToken()

The authorization token.

Returns:

BBjString representing the token if it has been obtained. Otherwise, null().

getRefreshToken

public BBjString getRefreshToken()

The authorization refresh token. This is a long term token used to retrieve session tokens.

Returns:

The refresh token if it has been obtained. Otherwise, null().

getBearerTokenFromRefreshToken

public BBjString getBearerTokenFromRefreshToken(BBjString refreshToken!)

This method exchanges the refresh token for a bearer token. The bearer token can then be used for future API requests. This method assumes the refresh token was obtained somewhere other than a cookie and therefore does not set a cookie with a refresh token.

Returns:

The bearer token for the refresh token.

Throws:

!ERROR - = 254 if refreshToken! is invalid. In particular, the error message "invalid_grant;quot; points to an invalid refresh token being provided.

revokeAccess

public void revokeAccess()

Revokes access of the application to the currently signed in user. User will have to grant access to the application via a sign in process again. Any refresh or bearer tokens associated with this session's bearer token will not continue to work. This method sends the following request which can be duplicated in a browser: https://accounts.google.com/o/oauth2/revoke?token = token!

Throws:

!ERROR - = 254 if nobody is signed in. (token! is null() in that case.)

revokeAccess

public void revokeAccess(BBjString token!)

Revokes access of the current token!. (token! can be any Google token and need not be associated with the current application.) Any refresh or bearer tokens associated with token! will not continue to honored. This method sends the following request which can be duplicated in a browser: https://accounts.google.com/o/oauth2/revoke?token = token!

Throws:

!ERROR - = 254 if token! is null.

!ERROR - = 254 if token! was not successfully revoked.