Package io.vertx.rxjava3.ext.web.handler

Class OAuth2AuthHandler

    • Field Detail

      • __TYPE_ARG

        public static final io.vertx.lang.rx.TypeArg<OAuth2AuthHandler> __TYPE_ARG

    • Constructor Detail

      • OAuth2AuthHandler

        public OAuth2AuthHandler​(Object delegate)

    • Method Detail

      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class Object

      • create

        public static OAuth2AuthHandler create​(Vertx vertx,
                                       OAuth2Auth authProvider,
                                       String callbackURL)
        Create a OAuth2 auth handler with host pinning. When no scopes are explicit declared, the default scopes will be looked up from the route metadata under the key scopes which can either be a single String or a .
        Parameters:
        vertx - the vertx instance
        authProvider - the auth provider to use
        callbackURL - the callback URL you entered in your provider admin console, usually it should be something like: https://myserver:8888/callback
        Returns:
        the auth handler

      • create

        public static OAuth2AuthHandler create​(Vertx vertx,
                                       OAuth2Auth authProvider)
        Create a OAuth2 auth handler without host pinning.Most providers will not look to the redirect url but always redirect to the preconfigured callback. So this factory does not provide a callback url. When no scopes are explicit declared, the default scopes will be looked up from the route metadata under the key scopes which can either be a single String or a .
        Parameters:
        vertx - the vertx instance
        authProvider - the auth provider to use
        Returns:
        the auth handler

      • extraParams

        public OAuth2AuthHandler extraParams​(JsonObject extraParams)
        Extra parameters needed to be passed while requesting a token.
        Parameters:
        extraParams - extra optional parameters.
        Returns:
        self

      • withScope

        public OAuth2AuthHandler withScope​(String scope)
        Return a new instance with the internal state copied from the caller but the scopes to be requested during a token request are unique to the instance. When scopes are applied to the handler, the default scopes from the route metadata will be ignored.
        Parameters:
        scope - scope.
        Returns:
        new instance of this interface.

      • withScopes

        public OAuth2AuthHandler withScopes​(List<String> scopes)
        Return a new instance with the internal state copied from the caller but the scopes to be requested during a token request are unique to the instance. When scopes are applied to the handler, the default scopes from the route metadata will be ignored.
        Parameters:
        scopes - scopes.
        Returns:
        new instance of this interface.

      • prompt

        public OAuth2AuthHandler prompt​(String prompt)
        Indicates the type of user interaction that is required. Not all providers support this or the full list. Well known values are:
        • login will force the user to enter their credentials on that request, negating single-sign on.
        • none is the opposite - it will ensure that the user isn't presented with any interactive prompt whatsoever. If the request can't be completed silently via single-sign on, the Microsoft identity platform endpoint will return an interaction_required error.
        • consent will trigger the OAuth consent dialog after the user signs in, asking the user to grant permissions to the app.
        • select_account will interrupt single sign-on providing account selection experience listing all the accounts either in session or any remembered account or an option to choose to use a different account altogether.
        Parameters:
        prompt - the prompt choice.
        Returns:
        self

      • pkceVerifierLength

        public OAuth2AuthHandler pkceVerifierLength​(int length)
        PKCE (RFC 7636) is an extension to the Authorization Code flow to prevent several attacks and to be able to securely perform the OAuth exchange from public clients. It was originally designed to protect mobile apps, but its ability to prevent authorization code injection makes it useful for every OAuth client, even web apps that use a client secret.
        Parameters:
        length - A number between 43 and 128. Or -1 to disable.
        Returns:
        self

      • setupCallback

        public OAuth2AuthHandler setupCallback​(Route route)
        add the callback handler to a given route.
        Parameters:
        route - a given route e.g.: /callback
        Returns:
        self