Skip to content

Instantly share code, notes, and snippets.

@lbalmaceda

lbalmaceda/AuthProvider.java

Last active July 1, 2016 18:10
Show Gist options
  • Save lbalmaceda/d40a5b1bdbca79fd3d5bef5007eceb5d to your computer and use it in GitHub Desktop.
Save lbalmaceda/d40a5b1bdbca79fd3d5bef5007eceb5d to your computer and use it in GitHub Desktop.
Download ZIP
Android IdP Improvement
Raw
README.md

OAuth2 Web-only usage

Call the static method WebAuthProvider.init() and configure the instance. Finally call .start() to begin. When you receive the response back in the Activity, call .resume with the results.

The response can be received in either the onActivityResult() method or in the onNewIntent() method. This depends on whether you are using browser or webview. Two methods .resume() with different signature had been provided to tackle this.

See MyActivity for more context.

Android usage with M Permission handling

Implement the abstract class AuthProvider and define which permissions your provider needs before running the authorization. Call .start() and finish with .authorize() when you get the results back on your activity.

If some permissions are needed but not yet granted, a request will be made to the android OS. The result of that request will arrive on the activity's onRequestPermissionsResult() method. You should redir that result to the provider, also calling onRequestPermissionsResult().

Raw
AuthProvider.java
//This is the abstract AuthProvider, with permission handling.
public abstract class AuthProvider implements PermissionProvider {
public AuthProvider(@NonNull PermissionHandler handler) {
this.handler = handler;
}
public void start(@NonNull Activity activity, @NonNull AuthCallback callback, int permissionRequestCode) {
this.callback = callback;
if (checkPermissions(activity)) {
Log.v(TAG, "All permissions were already granted, the authentication flow is starting.");
requestAuth(activity);
} else {
Log.d(TAG, "Some permissions were not previously granted, requesting them now.");
requestPermissions(activity, permissionRequestCode);
}
}
//Defines which Android Manifest Permissions are required by this Identity Provider to work.
public abstract String[] getRequiredAndroidPermissions();
boolean authorize(@NonNull AuthorizeResult result);
public void onRequestPermissionsResult(@NonNull Activity activity, int requestCode, @NonNull String[] permissions, @NonNull int[] grantResults) {
//Check if permissions were granted and if true continue auth, else show an error.
}
}
Raw
MyActivity.java
//Demo activity
public class MyActivity extends Activity {
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
WebAuthProvider.init(account)
.useBrowser(true)
.useCodeGrant(true)
.withState("123456")
.withConnection("twitter")
.start(this, callback, WEB_REQ_CODE);
}
@Override
protected void onActivityResult(int requestCode, int resultCode, Intent data) {
if (requestCode == WEB_REQ_CODE && WebAuthProvider.resume(requestCode, resultCode, data)) {
return;
}
super.onActivityResult(requestCode, resultCode, data);
}
@Override
protected void onNewIntent(Intent intent) {
if (WebAuthProvider.resume(intent)) {
return;
}
super.onNewIntent(intent);
}
}
Raw
WebAuthProvider.java
public class WebAuthProvider {
private static WebAuthProvider providerInstance;
private WebAuthProvider(@NonNull Auth0 account) {
this.account = account;
//Set default values
}
public static class Builder {
//private constructor. Can only be instantiated from the init() method.
Builder(Auth0 account) {
this.account = account;
}
//Builder methods to configure the instance
//...
///
/**
* Begins the authentication flow.
*/
public void start(@NonNull Activity activity, @NonNull AuthCallback callback, int requestCode) {
providerInstance = new WebAuthProvider(account)
.useBrowser(useBrowser)
.useFullscreen(useFullscreen)
.withState(state)
.withScope(scope)
.useCodeGrant(useCodeGrant)
.withParameters(parameters)
.withConnection(connectionName);
providerInstance.start(activity, callback, requestCode);
}
}
// Public methods (User interface)
// Inits the instance. Can be configured, the user will finally call start().
public static Builder init(@NonNull Auth0 account) {
return new Builder(account);
}
//Finish the authentication if an instance is found
public static boolean resume(int requestCode, int resultCode, Intent data) {
if (providerInstance == null) {
Log.w(TAG, "There is no previous instance of this provider.");
return false;
}
return providerInstance.authorize(requestCode, resultCode, data);
}
public static boolean resume(Intent data) {
if (providerInstance == null) {
Log.w(TAG, "There is no previous instance of this provider.");
return false;
}
return providerInstance.authorize(data);
}
// End Public methods
// Private methods to handle the authentication
//...
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment