Class OAuth2Client
java.lang.Object
cloud.opencode.base.oauth2.OAuth2Client
- All Implemented Interfaces:
AutoCloseable
OAuth2 Client
OAuth2 客户端
Main client for OAuth2 authentication flows.
OAuth2 认证流程的主客户端。
Features | 主要功能:
- Authorization Code Flow - 授权码流程
- Client Credentials Flow - 客户端凭证流程
- Device Code Flow - 设备码流程
- Token refresh - Token 刷新
- Token management - Token 管理
- PKCE support - PKCE 支持
Usage Examples | 使用示例:
// Create client with provider
OAuth2Client client = OAuth2Client.builder()
.provider(Providers.GOOGLE)
.clientId("your-client-id")
.clientSecret("your-client-secret")
.redirectUri("https://yourapp.com/callback")
.build();
// Generate authorization URL
PkceChallenge pkce = PkceChallenge.generate();
String authUrl = client.getAuthorizationUrl("state", pkce);
// Exchange code for token
OAuth2Token token = client.exchangeCode(code, pkce.verifier());
// Use token
String accessToken = token.accessToken();
Thread Safety | 线程安全:
This class is thread-safe.
此类是线程安全的。
- Since:
- JDK 25, opencode-base-oauth2 V1.0.0
- Author:
- Leon Soo www.LeonSoo.com
- See Also:
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic classOAuth2Client Builder OAuth2Client 构建器 -
Method Summary
Modifier and TypeMethodDescriptionstatic OAuth2Client.Builderbuilder()Create a new builder 创建新的构建器voidclose()config()Get the configuration 获取配置exchangeCode(String code) Exchange authorization code for token 使用授权码交换 TokenexchangeCode(String code, String codeVerifier) Exchange authorization code for token with PKCE verifier 使用授权码和 PKCE 验证器交换 TokengetAuthorizationUrl(String state) Generate authorization URL 生成授权 URLgetAuthorizationUrl(String state, PkceChallenge pkce) Generate authorization URL with PKCE 生成带有 PKCE 的授权 URLgetAuthorizationUrl(String state, PkceChallenge pkce, Map<String, String> additionalParams) Generate authorization URL with PKCE and additional parameters 生成带有 PKCE 和附加参数的授权 URLGet token using client credentials 使用客户端凭证获取 TokengetStoredToken(String key) Get a stored token 获取存储的 TokengetUserInfo(OAuth2Token token) Get user info using a token 使用 Token 获取用户信息getValidToken(String key) Get a valid token, refreshing if necessary 获取有效的 Token,必要时刷新pollDeviceToken(String deviceCode) Poll for token using device code 使用设备码轮询 TokenrefreshToken(OAuth2Token token) Refresh a token 刷新 TokenrefreshToken(String refreshToken) Refresh a token 刷新 TokenvoidremoveToken(String key) Remove a stored token 移除存储的 TokenRequest device code for device authorization flow 请求设备码以进行设备授权流程voidrevokeToken(OAuth2Token token) Revoke a token 撤销 TokenvoidrevokeToken(String token) Revoke a token 撤销 TokenvoidstoreToken(String key, OAuth2Token token) Store a token 存储 Token
-
Method Details
-
config
-
getAuthorizationUrl
-
getAuthorizationUrl
Generate authorization URL with PKCE 生成带有 PKCE 的授权 URL- Parameters:
state- the state parameter | state 参数pkce- the PKCE challenge | PKCE 挑战- Returns:
- the authorization URL | 授权 URL
-
getAuthorizationUrl
public String getAuthorizationUrl(String state, PkceChallenge pkce, Map<String, String> additionalParams) Generate authorization URL with PKCE and additional parameters 生成带有 PKCE 和附加参数的授权 URL- Parameters:
state- the state parameter | state 参数pkce- the PKCE challenge | PKCE 挑战additionalParams- additional query parameters | 附加查询参数- Returns:
- the authorization URL | 授权 URL
-
exchangeCode
Exchange authorization code for token 使用授权码交换 Token- Parameters:
code- the authorization code | 授权码- Returns:
- the token | Token
-
exchangeCode
Exchange authorization code for token with PKCE verifier 使用授权码和 PKCE 验证器交换 Token- Parameters:
code- the authorization code | 授权码codeVerifier- the PKCE code verifier | PKCE 代码验证器- Returns:
- the token | Token
-
getClientCredentialsToken
Get token using client credentials 使用客户端凭证获取 Token- Returns:
- the token | Token
-
requestDeviceCode
Request device code for device authorization flow 请求设备码以进行设备授权流程- Returns:
- the device code response | 设备码响应
-
pollDeviceToken
Poll for token using device code 使用设备码轮询 Token- Parameters:
deviceCode- the device code | 设备码- Returns:
- the token if authorized, empty if still pending | 如果授权则返回 Token,仍在等待则返回空
- Throws:
OAuth2Exception- if authorization is denied or expired | 如果授权被拒绝或过期
-
refreshToken
Refresh a token 刷新 Token- Parameters:
refreshToken- the refresh token | 刷新令牌- Returns:
- the new token | 新 Token
-
refreshToken
Refresh a token 刷新 Token- Parameters:
token- the token to refresh | 要刷新的 Token- Returns:
- the new token | 新 Token
-
revokeToken
Revoke a token 撤销 Token- Parameters:
token- the token to revoke | 要撤销的 Token
-
revokeToken
Revoke a token 撤销 Token- Parameters:
token- the token to revoke | 要撤销的 Token
-
getUserInfo
Get user info using a token 使用 Token 获取用户信息- Parameters:
token- the access token | 访问令牌- Returns:
- the user info | 用户信息
-
storeToken
Store a token 存储 Token- Parameters:
key- the storage key | 存储键token- the token | Token
-
getStoredToken
Get a stored token 获取存储的 Token- Parameters:
key- the storage key | 存储键- Returns:
- the token if found | 找到的 Token
-
getValidToken
Get a valid token, refreshing if necessary 获取有效的 Token,必要时刷新- Parameters:
key- the storage key | 存储键- Returns:
- the valid token | 有效的 Token
- Throws:
OAuth2Exception- if no token found or refresh fails | 如果未找到 Token 或刷新失败
-
removeToken
Remove a stored token 移除存储的 Token- Parameters:
key- the storage key | 存储键
-
close
public void close()- Specified by:
closein interfaceAutoCloseable
-
builder
Create a new builder 创建新的构建器- Returns:
- the builder | 构建器
-