| Interface | Description |
|---|---|
| AuthorizationService.RegistrationResponseCallback |
Callback interface for token endpoint requests.
|
| AuthorizationService.TokenResponseCallback |
Callback interface for token endpoint requests.
|
| AuthorizationServiceConfiguration.RetrieveConfigurationCallback |
Callback interface for configuration retrieval.
|
| AuthState.AuthStateAction |
Interface for actions executed in the context of fresh (non-expired) tokens.
|
| ClientAuthentication |
| Class | Description |
|---|---|
| AppAuthConfiguration |
Defines configuration properties that control the behavior of the AppAuth library, independent
of the OAuth2 specific details that are described.
|
| AppAuthConfiguration.Builder |
Creates
AppAuthConfiguration instances. |
| AuthorizationException.AuthorizationRequestErrors |
Error codes related to failed authorization requests.
|
| AuthorizationException.GeneralErrors |
Error codes specific to AppAuth for Android, rather than those defined in the OAuth2 and
OpenID specifications.
|
| AuthorizationException.RegistrationRequestErrors |
Error codes related to failed registration requests.
|
| AuthorizationException.TokenRequestErrors |
Error codes related to failed token requests.
|
| AuthorizationManagementActivity |
Stores state and handles events related to the authorization flow.
|
| AuthorizationRequest |
An OAuth2 authorization request.
|
| AuthorizationRequest.Builder |
Creates instances of
AuthorizationRequest. |
| AuthorizationRequest.Display |
All spec-defined values for the OpenID Connect 1.0
display parameter. |
| AuthorizationRequest.Prompt |
All spec-defined values for the OpenID Connect 1.0
prompt parameter. |
| AuthorizationRequest.ResponseMode |
All spec-defined values for the OAuth2 / OpenID Connect
response_mode parameter. |
| AuthorizationRequest.Scope |
All spec-defined values for the OAuth2 / OpenID Connect 1.0
scope parameter. |
| AuthorizationResponse |
A response to an authorization request.
|
| AuthorizationResponse.Builder |
Creates instances of
AuthorizationResponse. |
| AuthorizationService |
Dispatches requests to an OAuth2 authorization service.
|
| AuthorizationServiceConfiguration |
Configuration details required to interact with an authorization service.
|
| AuthorizationServiceDiscovery |
An OpenID Connect 1.0 Discovery Document.
|
| AuthState |
Collects authorization state from authorization requests and responses.
|
| ClientSecretBasic |
Implementation of the client authentication method ‘client_secret_basic’.
|
| ClientSecretPost |
Implementation of the client authentication method ‘client_secret_post’.
|
| CodeVerifierUtil |
Generates code verifiers and challenges for PKCE exchange.
|
| GrantTypeValues |
The grant type values defined by the OAuth2 spec, and
used in
authorization and
dynamic client registration requests. |
| NoClientAuthentication |
Implementation of the client authentication method ‘none’.
|
| Preconditions |
Utility class for guava style pre-condition checks.
|
| RedirectUriReceiverActivity |
Activity that receives the redirect Uri sent by the OpenID endpoint.
|
| RegistrationRequest | |
| RegistrationRequest.Builder |
Creates instances of
RegistrationRequest. |
| RegistrationResponse | |
| RegistrationResponse.Builder | |
| ResponseTypeValues |
The response type values defined by the
OAuth 2.0 and
OpenID Connect Core 1.0
specifications, used in
authorization and
dynamic client registration requests. |
| TokenRequest |
An OAuth2 token request.
|
| TokenRequest.Builder |
Creates instances of
TokenRequest. |
| TokenResponse |
A response to a token request.
|
| TokenResponse.Builder |
Creates instances of
TokenResponse. |
| Exception | Description |
|---|---|
| AuthorizationException |
Returned as a response to OAuth2 requests if they fail.
|
| AuthorizationServiceDiscovery.MissingArgumentException |
Thrown when a mandatory property is missing from the discovery document.
|
| ClientAuthentication.UnsupportedAuthenticationMethod |
Thrown when a mandatory property is missing from the registration response.
|
| RegistrationResponse.MissingArgumentException |
Thrown when a mandatory property is missing from the registration response.
|
AppAuth for Android.
AppAuth for Android is a client SDK for communication with OAuth2 and OpenID Connect providers. It strives to directly map the requests and responses of those specifications, while following the idiomatic style of the implementation language. In addition to mapping the raw protocol flows, convenience methods are available to assist with common tasks like performing an action with fresh tokens.
The library follows the best practices set out in
RFC 8252 - OAuth 2.0 for Native Apps
including using
Custom
Tabs for the auth request. For this reason, android.webkit.WebView is explicitly
_not_ supported due to usability and security reasons.
The library also supports the PKCE extension to OAuth which was created to secure authorization codes in public clients when custom URI scheme redirects are used. The library is friendly to other extensions (standard or otherwise) with the ability to handle additional parameters in all protocol requests and responses.