Package com.esri.arcgisruntime.security

Class OAuthLoginManager

  • public final class OAuthLoginManager
extends java.lang.Object
    Assists with the retrieval of an OAuthTokenCredential by launching an intent to show the OAuth login page in a device-installed browser app for custom OAuth workflows (those not already handled by the DefaultAuthenticationChallengeHandler). The redirect URI provided to this class (which must be declared in your redirect URI list on your arcgis.com application page) will be called with the resulting URI that contains the authorization URL. The application must declare an Activity and intent filter to handle this redirect URI. Once the intent has been intercepted, it can be passed to fetchOAuthTokenCredentialAsync(Intent). This will parse the authorization code from the response URI (or throw an exception if an error occurred) and use it to fetch an OAuthTokenCredential, this will then be placed in the AuthenticationManager's credential cache. The general workflow for using this class is as follows:
    1. OAuthLoginManager oAuthLoginManager = new OAuthLoginManager(context, portalUrl, clientId, redirectUri, expiration); // where portalUrl default value should be https://www.arcgis.com
    2. oAuthLoginManager.launchOAuthBrowserPage();
    3. Receive the resulting Intent in the activity declared in the manifest
    4. OAuthTokenCredential credential = oAuthLoginManager.fetchOAuthTokenCredentialAsync(intent)
    Note: As this class is only required for custom OAuth workflows not already provided by the DefaultAuthenticationChallengeHandler, it is not necessary to add OAuth configurations via AuthenticationManager.addOAuthConfiguration(OAuthConfiguration).
    Since:
    100.0.0
    See Also:
    AuthenticationManager, DefaultAuthenticationChallengeHandler

    • Constructor Summary

      Constructors 
      Constructor Description
      OAuthLoginManager​(java.lang.String portalUrl, java.lang.String clientId, java.lang.String redirectUri, int expiration)
      Constructs an OAuthLoginManager with a Portal URL, the client ID registered to the application, the redirect URI that directs the result back into the application, and the expiration time for the refresh token.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      ListenableFuture<OAuthTokenCredential> fetchOAuthTokenCredentialAsync​(android.content.Intent intent)
      Asynchronously fetches an OAuthTokenCredential using the response URI in the passed intent.
      java.lang.String getCulture()
      Gets the culture code corresponding to the language to be used on the OAuth login page.
      void launchOAuthBrowserPage​(android.content.Context context)
      Launches an intent to show the OAuth login page in a device installed browser.
      void launchOAuthBrowserPageInCustomTabs​(android.content.Context context)
      Launches an intent to show the OAuth login page within the context of your app using Chrome Custom Tabs.
      void setCulture​(java.lang.String culture)
      Sets the culture code corresponding to the language to be used on the OAuth login page.
      void setupPKCEParameters()
      Generates PKCE (proof key code exchange) parameters for OAUTH related requests, such as fetching the OAUTH access token, refresh token as well as revoking a token.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • OAuthLoginManager

        public OAuthLoginManager​(java.lang.String portalUrl,
                         java.lang.String clientId,
                         java.lang.String redirectUri,
                         int expiration)
        Constructs an OAuthLoginManager with a Portal URL, the client ID registered to the application, the redirect URI that directs the result back into the application, and the expiration time for the refresh token.
        Parameters:
        portalUrl - the URL of the portal, default to https://www.arcgis.com
        clientId - the client ID
        redirectUri - the redirect URI registered for the application
        expiration - the expiration of the refresh token in minutes. The refresh token can be valid for up to 90 days (129600 minutes) or the maximum limit set at the ArcGIS Online organisation level (whichever is minimum). Once the refresh token has expired, the user will have to log in again. For a permanent refresh token (if the portal supports it), use -1
        Since:
        100.0.0

    • Method Detail

      • setCulture

        public void setCulture​(java.lang.String culture)
        Sets the culture code corresponding to the language to be used on the OAuth login page.

        The default culture is based on the current culture set on the device/machine. Set it to null if you want to see the OAuth login page in the language corresponding to the culture set in the portal/organization settings.

        The format for culture code is based on a language code and a country code separated by a dash. Example: "en-US".

        Parameters:
        culture - the culture code to use, or null to see the OAuth login page in the language corresponding to the culture set in the portal/organization settings
        Since:
        100.9.0

      • getCulture

        public java.lang.String getCulture()
        Gets the culture code corresponding to the language to be used on the OAuth login page.

        The default culture is based on the current culture set on the device/machine.

        The format for culture code is based on a language code and a country code separated by a dash. Example: "en-US".

        Returns:
        the culture code currently in use, or null to use the culture set in the portal/organization settings
        Since:
        100.9.0

      • setupPKCEParameters

        public void setupPKCEParameters()
        Generates PKCE (proof key code exchange) parameters for OAUTH related requests, such as fetching the OAUTH access token, refresh token as well as revoking a token. Call this method only if the associated portal supports PKCE. PKCE is supported for portal version 10.9 and higher.
        Since:
        100.12.0

      • launchOAuthBrowserPage

        public void launchOAuthBrowserPage​(android.content.Context context)
        Launches an intent to show the OAuth login page in a device installed browser. The parameters passed in the constructor will be used to create the authorization URL to show. Once the user has logged in, the redirect URI will be called with an authorization code or error. The Activity declared in the manifest to intercept such intents can pass the resulting intent to fetchOAuthTokenCredentialAsync(Intent), which will parse the resulting URI for an authorization code and use it to fetch an OAuthTokenCredential, or throw an exception if there was an issue getting an authorization code or fetching the credential.
        Parameters:
        context - the context used to launch the browser intent
        Since:
        100.0.0

      • launchOAuthBrowserPageInCustomTabs

        public void launchOAuthBrowserPageInCustomTabs​(android.content.Context context)
        Launches an intent to show the OAuth login page within the context of your app using Chrome Custom Tabs. If Chrome Custom Tabs are not supported on the device, the OAuthLoginManager will fall back to launching the login page in the devices's default browser. The parameters passed in the constructor will be used to create the authorization URL to show. Once the user has logged in, the redirect URI will be called with an authorization code or an error. The Activity declared in the manifest to intercept such intents can pass the resulting intent to fetchOAuthTokenCredentialAsync(Intent), which will parse the resulting URI for an authorization code and use it to fetch an OAuthTokenCredential, or throw an exception if there was an issue getting an authorization code or fetching the credential.
        Parameters:
        context - the context used to launch the browser intent
        Since:
        100.7.0

      • fetchOAuthTokenCredentialAsync

        public ListenableFuture<OAuthTokenCredential> fetchOAuthTokenCredentialAsync​(android.content.Intent intent)
        Asynchronously fetches an OAuthTokenCredential using the response URI in the passed intent. If there was an error getting the authorization code, it will be thrown as an IOException. If there is an error fetching the OAuthTokenCredential with a successful authorization code, a CancellationException or an IOException might be thrown.
        Parameters:
        intent - the response intent from the browser that showed the OAuth login page
        Returns:
        a ListenableFuture for tracking when the computation is done and getting the result
        Since:
        100.0.0