|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Objectcom.google.api.client.auth.oauth2.Credential
public class Credential
Thread-safe OAuth 2.0 helper for accessing protected resources using an access token, as well as optionally refreshing the access token when it expires using a refresh token.
Sample usage:
public static Credential createCredentialWithAccessTokenOnly(
HttpTransport transport, JsonFactory jsonFactory, TokenResponse tokenResponse) {
return new Credential(BearerToken.authorizationHeaderAccessMethod()).setFromTokenResponse(
tokenResponse);
}
public static Credential createCredentialWithRefreshToken(
HttpTransport transport, JsonFactory jsonFactory, TokenResponse tokenResponse) {
return new Credential.Builder(BearerToken.authorizationHeaderAccessMethod()).setTransport(
transport)
.setJsonFactory(jsonFactory)
.setTokenServerUrl(
new GenericUrl("https://server.example.com/token"))
.setClientAuthentication(new BasicAuthentication("s6BhdRkqt3", "7Fjfp0ZBr1KtDRbnfVdmIw"))
.build()
.setFromTokenResponse(tokenResponse);
}
If you need to persist the access token in a data store, use CredentialStore and
Credential.Builder.addRefreshListener(CredentialRefreshListener).
If you have a custom request initializer, request execute interceptor, or unsuccessful response
handler, take a look at the sample usage for HttpExecuteInterceptor and
HttpUnsuccessfulResponseHandler, which are interfaces that this class also implements.
| Nested Class Summary | |
|---|---|
static interface |
Credential.AccessMethod
Method of presenting the access token to the resource server as specified in Accessing Protected Resources. |
static class |
Credential.Builder
Credential builder. |
| Constructor Summary | |
|---|---|
|
Credential(Credential.AccessMethod method)
Constructor with the ability to access protected resources, but not refresh tokens. |
protected |
Credential(Credential.AccessMethod method,
HttpTransport transport,
JsonFactory jsonFactory,
String tokenServerEncodedUrl,
HttpExecuteInterceptor clientAuthentication,
HttpRequestInitializer requestInitializer,
List<CredentialRefreshListener> refreshListeners)
|
| Method Summary | |
|---|---|
protected TokenResponse |
executeRefreshToken()
Executes a request for new credentials from the token server. |
String |
getAccessToken()
Returns the access token or null for none. |
HttpExecuteInterceptor |
getClientAuthentication()
Returns the client authentication or null for none. |
Long |
getExpirationTimeMilliseconds()
Expected expiration time in milliseconds or null for none. |
Long |
getExpiresInSeconds()
Returns the remaining lifetime in seconds of the access token (for example 3600 for an hour, or -3600 if expired an hour ago) or null if unknown. |
JsonFactory |
getJsonFactory()
Returns the JSON factory to use for parsing response for refresh token request or null
for none. |
Credential.AccessMethod |
getMethod()
Return the method of presenting the access token to the resource server (for example BearerToken.AuthorizationHeaderAccessMethod). |
List<CredentialRefreshListener> |
getRefreshListeners()
Returns the unmodifiable list of listeners for refresh token results. |
String |
getRefreshToken()
Returns the refresh token associated with the access token to be refreshed or null for
none. |
HttpRequestInitializer |
getRequestInitializer()
Returns the HTTP request initializer for refresh token requests to the token server or null for none. |
String |
getTokenServerEncodedUrl()
Returns the encoded authorization server URL or null for none. |
HttpTransport |
getTransport()
Return the HTTP transport for executing refresh token request or null for none. |
boolean |
handleResponse(HttpRequest request,
HttpResponse response,
boolean supportsRetry)
|
void |
initialize(HttpRequest request)
|
void |
intercept(HttpRequest request)
|
boolean |
refreshToken()
Request a new access token from the authorization endpoint. |
Credential |
setAccessToken(String accessToken)
Sets the access token. |
Credential |
setExpirationTimeMilliseconds(Long expirationTimeMilliseconds)
Sets the expected expiration time in milliseconds or null for none. |
Credential |
setExpiresInSeconds(Long expiresIn)
Sets the lifetime in seconds of the access token (for example 3600 for an hour) or null
for none. |
Credential |
setFromTokenResponse(TokenResponse tokenResponse)
Sets the access token, refresh token (if
available), and expires-in time based on the values from the token
response. |
Credential |
setRefreshToken(String refreshToken)
Sets the refresh token. |
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Constructor Detail |
|---|
public Credential(Credential.AccessMethod method)
To use with the ability to refresh tokens, use Credential.Builder.
method - method of presenting the access token to the resource server (for example
BearerToken.AuthorizationHeaderAccessMethod)
protected Credential(Credential.AccessMethod method,
HttpTransport transport,
JsonFactory jsonFactory,
String tokenServerEncodedUrl,
HttpExecuteInterceptor clientAuthentication,
HttpRequestInitializer requestInitializer,
List<CredentialRefreshListener> refreshListeners)
method - method of presenting the access token to the resource server (for example
BearerToken.authorizationHeaderAccessMethod())transport - HTTP transport for executing refresh token request or null if not
refreshing tokensjsonFactory - JSON factory to use for parsing response for refresh token request or
null if not refreshing tokenstokenServerEncodedUrl - encoded token server URL or null if not refreshing tokensclientAuthentication - client authentication or null for none (see
TokenRequest.setClientAuthentication(HttpExecuteInterceptor))requestInitializer - HTTP request initializer for refresh token requests to the token
server or null for none.refreshListeners - listeners for refresh token results or null for none| Method Detail |
|---|
public void intercept(HttpRequest request)
throws IOException
Default implementation is to try to refresh the access token if there is no access token or if
we are 1 minute away from expiration. If token server is unavailable, it will try to use the
access token even if has expired. If successful, it will call getMethod() and
Credential.AccessMethod.intercept(com.google.api.client.http.HttpRequest, java.lang.String). Subclasses may override.
intercept in interface HttpExecuteInterceptorIOException
public boolean handleResponse(HttpRequest request,
HttpResponse response,
boolean supportsRetry)
Default implementation checks for a 401 error code and calls refreshToken(). If
executeRefreshToken() throws an I/O exception, this implementation will log the
exception and return false. Subclasses may override.
handleResponse in interface HttpUnsuccessfulResponseHandler
public void initialize(HttpRequest request)
throws IOException
initialize in interface HttpRequestInitializerIOExceptionpublic final String getAccessToken()
null for none.
public Credential setAccessToken(String accessToken)
Overriding is only supported for the purpose of calling the super implementation and changing the return type, but nothing else.
accessToken - access token or null for nonepublic final Credential.AccessMethod getMethod()
BearerToken.AuthorizationHeaderAccessMethod).
public final HttpTransport getTransport()
null for none.
public final JsonFactory getJsonFactory()
null
for none.
public final String getTokenServerEncodedUrl()
null for none.
public final String getRefreshToken()
null for
none.
public Credential setRefreshToken(String refreshToken)
Overriding is only supported for the purpose of calling the super implementation and changing the return type, but nothing else.
refreshToken - refresh token or null for nonepublic final Long getExpirationTimeMilliseconds()
null for none.
public Credential setExpirationTimeMilliseconds(Long expirationTimeMilliseconds)
null for none.
Overriding is only supported for the purpose of calling the super implementation and changing the return type, but nothing else.
public final Long getExpiresInSeconds()
null if unknown.
public Credential setExpiresInSeconds(Long expiresIn)
null
for none.
Overriding is only supported for the purpose of calling the super implementation and changing the return type, but nothing else.
expiresIn - lifetime in seconds of the access token (for example 3600 for an hour) or
null for nonepublic final HttpExecuteInterceptor getClientAuthentication()
null for none.
public final HttpRequestInitializer getRequestInitializer()
null for none.
public final boolean refreshToken()
throws IOException
On success, it will call setFromTokenResponse(TokenResponse), call
CredentialRefreshListener.onTokenResponse(com.google.api.client.auth.oauth2.Credential, com.google.api.client.auth.oauth2.TokenResponse) with the token response, and return
true. On error, it will call setAccessToken(String) and
setExpiresInSeconds(Long) with null, call
CredentialRefreshListener.onTokenErrorResponse(com.google.api.client.auth.oauth2.Credential, com.google.api.client.auth.oauth2.TokenErrorResponse) with the token error response, and
return false.
IOExceptionpublic Credential setFromTokenResponse(TokenResponse tokenResponse)
access token, refresh token (if
available), and expires-in time based on the values from the token
response.
It does not call the refresh listeners.
Overriding is only supported for the purpose of calling the super implementation and changing the return type, but nothing else.
tokenResponse - successful token response
protected TokenResponse executeRefreshToken()
throws IOException
The default implementation calls TokenRequest.execute() using the
getTransport(), getJsonFactory(), getRequestInitializer(),
getTokenServerEncodedUrl(), getRefreshToken(), and the
getClientAuthentication(). If getRefreshToken() is null, it instead
returns null.
Subclasses may override for a different implementation. Implementations can assume proper
thread synchronization is already taken care of inside refreshToken().
null if it is not possible to
refresh the access token
IOException - I/O exception
TokenResponseException - if an error response was received from the token serverpublic final List<CredentialRefreshListener> getRefreshListeners()
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||