Package com.google.api.client.auth.oauth2

Implementation of the OAuth 2.0 Authorization Framework.

Before using this library, you will typically need to register your application with the authorization server to receive a client ID and client secret. See Client Registration.

These are the typical steps of the web server flow based on an authorization code, as specified in Authorization Code Grant:

  • Redirect the end user in the browser to the authorization page using AuthorizationCodeRequestUrl to grant your application access to the end user's protected data.
  • Process the authorization response using AuthorizationCodeResponseUrl to parse the authorization code.
  • Request an access token and possibly a refresh token using AuthorizationCodeTokenRequest.
  • Access protected resources using Credential. Expired access tokens will automatically be refreshed using the refresh token (if applicable).

These are the typical steps of the the browser-based client flow specified in Implicit Grant:

  • Redirect the end user in the browser to the authorization page using BrowserClientRequestUrl to grant your browser application access to the end user's protected data.
  • Use a JavaScript application to process the access token found in the URL fragment at the redirect URI registered with the authorization server.

Since:
1.7