wuman / android-oauth-client Goto Github PK

Android OAuth Client (android-oauth-client) is a library that helps to easily add an OAuth flow to an existing Android application.

License: Apache License 2.0

Java 100.00%

android-oauth-client's Introduction

Android OAuth Client Library (android-oauth-client)

The android-oauth-client library helps you to easily add an OAuth flow to your existing Android application. It automatically shows a customizable Android dialog with WebView to guide the user to eventually grant you an access token.

To help you manage access tokens, the library also includes an out-of-the-box credential store which stores tokens in SharedPreferences.

This client library is an Android extension to the Google OAuth Client Library for Java.

FEATURES

Supports the following OAuth flows via the google-oauth-java-client library:
- OAuth 1.0a
- OAuth 2.0 Explicit Authorization (authorization code)
- OAuth 2.0 Implicit Authorization
Automatically handles the OAuth flow in both android.app.DialogFragment and android.support.v4.app.DialogFragment. The dialog UI is fully customizable.
Provides an out-of-the-box credential store implementation via SharedPreferences.
Provides sample applications that already work with popular social network services such as:
- Flickr (OAuth 1.0a)
- Foursquare (OAuth 2.0 Explicit/Implicit)
- GitHub (OAuth 2.0 Explicit)
- Instagram (OAuth 2.0 Implicit)
- LinkedIn (OAuth 1.0a, OAuth 2.0 Explicit)
- Plurk (OAuth 1.0a)
- Twitter (OAuth 1.0a)

Note on OAuth flows: In general you should prefer OAuth 2.0 Implicit Authorization over OAuth 2.0 Explicit Authorization because implicit authorization does not require the client secret to be stored in the client.

USAGE

Regardless of which OAuth flow you intend to incorporate into your Android application, the android-oauth-client library can be used in 2 simple steps:

Obtain an instance of OAuthManager by supplying the following 2 parameters:
- An AuthorizationFlow instance which automatically handles the OAuth flow logic,
- An AuthorizationUIController which manages the UI.
Call one of the 3 possible authorize methods on OAuthManager. The call may be called from any thread either synchronously or asynchronously with an OAuthCallback<Credential>.
- OAuthManager.authorize10a()
- OAuthManager.authorizeExplicitly()
- OAuthManager.authorizeImplicitly()

We will go into more detail about each of the steps.

Obtaining an OAuthManager instance

OAuthManager can be obtained by direct instantiation:

OAuthManager oauth = new OAuthManager(flow, controller);

Obtaining an access token via the OAuthManager

To start the OAuth flow and obtain an access token, call one of the authorize() methods according to the authorization flow of your choice.

You may invoke the authorize() method synchronously:

Credential credential = oauth.authorizeImplicitly("userId", null, null).getResult();
// continue to make API queries with credential.getAccessToken()

You may also invoke the authorize() method asynchronously with an OAuthCallback, executed on a android.os.Handler of your choice.

OAuthCallback<Credential> callback = new OAuthCallback<Credential>() {
    @Override public void run(OAuthFuture<Credential> future) {
        Credential credential = future.getResult();
        // make API queries with credential.getAccessToken()
    }
};
oauth.authorizeImplicitly("userId", callback, handler);

Note that if a Handler is not supplied, the callback will be invoked on the main thread.

CredentialStore

Use the provided SharedPreferencesCredentialStore, which automatically serializes access tokens to and from SharedPreferences in JSON format.

SharedPreferencesCredentialStore credentialStore =
    new SharedPreferencesCredentialStore(context,
        "preferenceFileName", new JacksonFactory());

AuthorizationFlow

An AuthorizationFlow instance may be obtained via its Builder:

AuthorizationFlow.Builder builder = new AuthorizationFlow.Builder(
    BearerToken.authorizationHeaderAccessMethod(),
    AndroidHttp.newCompatibleTransport(),
    new JacksonFactory(),
    new GenericUrl("https://socialservice.com/oauth2/access_token"),
    new ClientParametersAuthentication("CLIENT_ID", "CLIENT_SECRET"),
    "CLIENT_ID",
    "https://socialservice.com/oauth2/authorize");
builder.setCredentialStore(credentialStore);
AuthorizationFlow flow = builder.build();

For OAuth 2.0 flows, you may wish to add OAuth scopes:

builder.setScopes(Arrays.asList("scope1", "scope2"));

For the OAuth 1.0a flow, you need to set the temporary token request URL:

builder.setTemporaryTokenRequestUrl("https://socialservice.com/oauth/requestToken");

Note that CLIENT_SECRET may be omitted and be replaced with a null value for the OAuth 2.0 Implicit Authorization flow.

Also, CLIENT_ID and CLIENT_SECRET are called CONSUMER_KEY and CONSUMER_SECRET in the OAuth 1.0a flow.

AuthorizationUIController

Use the provided DialogFragmentController, which automatically handles most of the UI for you via an Android dialog. The DialogFragmentController has two constructors, one taking android.app.FragmentManager and the other taking android.support.v4.app.FragmentManager as the sole input parameter. Depending on how you instantiate the controller, either android.app.DialogFragment or android.support.v4.app.DialogFragment will be used.

AuthorizationUIController controller =
    new DialogFragmentController(getFragmentManager()) {

        @Override
        public String getRedirectUri() throws IOException {
            return "http://localhost/Callback";
        }

        @Override
        public boolean isJavascriptEnabledForWebView() {
            return true;
        }

    };

PROGUARD

On Android it is typical to use Proguard to obfuscate and shrink code in order to reduce application size and improve security. If you are using Proguard, make sure you include the following configurations:

# Needed to keep generic types and @Key annotations accessed via reflection
-keepattributes Signature,RuntimeVisibleAnnotations,AnnotationDefault

-keepclasseswithmembers class * {
  @com.google.api.client.util.Key <fields>;
}

-keepclasseswithmembers class * {
  @com.google.api.client.util.Value <fields>;
}

-keepnames class com.google.api.client.http.HttpTransport

# Needed by google-http-client-android when linking against an older platform version
-dontwarn com.google.api.client.extensions.android.**

# Needed by google-api-client-android when linking against an older platform version
-dontwarn com.google.api.client.googleapis.extensions.android.**

# Do not obfuscate but allow shrinking of android-oauth-client
-keepnames class com.wuman.android.auth.** { *; }

SAMPLES

A sample application is provided to showcase how you might use the library in a real-life Android application. In addition to default usage, the sample application also has examples for customizing the Dialog UI as well as OAuth integrations for popular social network services such as Flickr, LinkedIn, Twitter, etc.

HOW TO USE THE LIBRARY

Android OAuth Client is available for download from the Maven Central repository. You may also include it as a dependency by including the following coordinates:

<dependency>
  <groupId>com.wu-man</groupId>
  <artifactId>android-oauth-client</artifactId>
  <version>0.4.5</version>
</dependency>

or using Gradle

dependencies {
   compile 'com.wu-man:android-oauth-client:0.4.5'
}

As of v0.0.3, an Android library AAR format is available as well. The artifact coordinates are:

<dependency>
  <groupId>com.wu-man</groupId>
  <artifactId>android-oauth-client</artifactId>
  <version>0.4.5</version>
  <type>aar</type>
</dependency>

HOW TO BUILD THE PROJECT

You should use the included Gradle wrapper to build the project with the following command:

./gradlew clean build

The resulting jar file is located at library/build/libs/library.jar and the aar file is located at library/build/libs/library.aar.

CONTRIBUTE

If you would like to contribute code to android-oauth-client you can do so through GitHub by forking the repository and sending a pull request.

In general if you are contributing we ask you to follow the AOSP coding style guidelines. If you are using an IDE such as Eclipse, it is easiest to use the AOSP style formatters.

You may file an issue if you find bugs or would like to add a new feature.

We do not have a mailing list. All questions should be asked and will be answered on StackOverflow using the android-oauth-client tag.

DEVELOPED BY

David Wu - [email protected] - http://blog.wu-man.com

LICENSE

Copyright 2013 David Wu
Copyright (C) 2010 Google Inc.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

android-oauth-client's People

Contributors

Stargazers

Watchers

Forkers

khalidelsayed walkurec brandhill garciaae papersnake randhika kingargyle cooper6334 tukobit b3457m0d3 phuc149 abner-xiao lfaganello bdenney matrixy yu01 eladgel cwnga kabuko aaronpoweruser aamirkhani sankarvaiyapuri ajaykoppisetty researchase pilif politesm hrym dmarjanovic hijamoya ryandzhunter kalyanb9119 takumalee adnankukuljac crankycoder fitrahyusuf tomafc330 heart2009 jacksnow00 kevinli194 sigh0829 asutosh11 hphua markpotter diegoam azizurice endymuhardin kjayathilake codebe explore-android pehuabang mayank19882001 andych008 jdonmoyer iamasthme colinnj wsrspirit loisaidasam productigeeky ycads manishpatelgt madmouse anricheng rexee aman17 findataarthurlai bestsoft2go leechunhoe charaku zinto aloha1 hrza agrusha frankcash kalyanreddyy dbd5 azmallco rahulzero147 damdud robsonmobile marajimenez mahboubabenmabrouk yhrun praneetloke simonzettervall mateuszwlodarczyk265 unit4 niuxinghua ems305 pareshd arpitsingh21 deberle inesrebocho debashisb lawlight saadbilal nirabpudasaini sharshan1 henriquejonas asad-noor svekul

android-oauth-client's Issues

Exception during Integrating with django's oauth2_provider

Hello,

I would like to thank you for such a nice utility to abstract the complexities of oauth. I have a question on its implementation. This may not be a bug/feature and just a gap in my understanding. If so, please excuse me.

I am trying to use oauth2 authentication via Django's oauth2_provider. I am able to generate token and refresh token via curl.
curl -X POST -d "grant_type=password&username=user1&password=user1&client_secret=${ClientSecret}&client_id=${ClientId}" http://localhost:8000/o/token/

I have set authorization grant type as "resource owner password-based".

When I try to use android-oauth-client, I get a exception. As you can see, the url generated from android-oauth-client is a little different. Can you please point me to any issues in my approach?

900 2212-2212/com.sanabhi.dropboat W/IInputConnectionWrapper: finishComposingText on inactive InputConnection
11-09 02:11:38.907 2212-2212/com.sanabhi.dropboat I/OAuthAndroid: onPageStarted: http://localhost:8000/o/token/?client_id=rXBixkjnYvZf78HUm8Jw17fR2awHgV5nqGHfTAaE&redirect_uri=http://localhost:8000/o/authorize&response_type=token
11-09 02:11:38.907 2212-2212/com.sanabhi.dropboat I/OAuthAndroid: url: http://localhost:8000/o/token/?client_id=rXBixkjnYvZf78HUm8Jw17fR2awHgV5nqGHfTAaE&redirect_uri=http://localhost:8000/o/authorize&response_type=token, redirect: http://localhost:8000/o/authorize, callback: false
11-09 02:11:38.920 2212-9801/com.sanabhi.dropboat W/System.err: java.io.IOException: User authorization failed (net::ERR_CONNECTION_REFUSED)
11-09 02:11:38.920 2212-9801/com.sanabhi.dropboat W/System.err: at com.wuman.android.auth.DialogFragmentController.waitForImplicitResponseUrl(DialogFragmentController.java:189)
11-09 02:11:38.920 2212-9801/com.sanabhi.dropboat W/System.err: at com.wuman.android.auth.OAuthManager$4.doWork(OAuthManager.java:260)
11-09 02:11:38.920 2212-9801/com.sanabhi.dropboat W/System.err: at com.wuman.android.auth.OAuthManager$BaseFutureTask.startTask(OAuthManager.java:420)
11-09 02:11:38.920 2212-9801/com.sanabhi.dropboat W/System.err: at com.wuman.android.auth.OAuthManager$Future2Task.start(OAuthManager.java:443)
11-09 02:11:38.920 2212-9801/com.sanabhi.dropboat W/System.err: at com.wuman.android.auth.OAuthManager$5.run(OAuthManager.java:399)
11-09 02:11:38.921 2212-9801/com.sanabhi.dropboat W/System.err: at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:423)
11-09 02:11:38.921 2212-9801/com.sanabhi.dropboat W/System.err: at java.util.concurrent.FutureTask.run(FutureTask.java:237)
11-09 02:11:38.921 2212-9801/com.sanabhi.dropboat W/System.err: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1113)
11-09 02:11:38.921 2212-9801/com.sanabhi.dropboat W/System.err: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:588)
11-09 02:11:38.921 2212-9801/com.sanabhi.dropboat W/System.err: at java.lang.Thread.run(Thread.java:818)

Gradle Sync Does Not Work In Later Versions

On attempting to sync 0.1.0 or 0.2.0 over gradle in Android Studio, I get an error that the android-oauth-client "uses libraries when it is not a library itself". Sync works fine on the earlier version of 0.0.3 I am attempting to grab a later version to get fullscreen support for the dialog.

Support for resource owner password flow

Is there support for the resource owner password OAuth 2 flow?

Does this library supports "Resource owner credentials grant"?

I am a backend developer checking out some android oauth2 libraries. I want to know if this library supports the grant type "Resource owner credentials" as specified in OAuth specification. If not can anybody point me in the direction of the library that does?

Thanks.

It can not support Android 7.0.

Webview can't load auth url in dialogFragment.
Webview could work in dialog or activity.

The WebView key event performs twice

wv.setOnKeyListener(new View.OnKeyListener() { @Override public boolean onKey(View v, int keyCode, KeyEvent event) { WebView wv = (WebView) v; if (keyCode == KeyEvent.KEYCODE_BACK && wv.canGoBack()) { wv.goBack(); return true; } return false; } });
This code causes the back key event performs twice in com.wuman.android.auth.OAuthDialogFragment

Error Compiling with Java 7

I am getting the following error:

com.android.ide.common.process.ProcessException: org.gradle.process.internal.ExecException: Process 'command '/Library/Java/JavaVirtualMachines/jdk1.7.0_71.jdk/Contents/Home/bin/java'' finished with non-zero exit value 2

I believe this is a conflict with the AppCompat (using v21.0.3). When I remove it, it works.

Add dependency for JacksonFactory

Right now if you only specify a dependency on:

com.wu-man android-oauth-client 0.0.1

you have to include other dependencies to get the JacksonFactory class to be available.

Could not find method

Could not find method com.google.api.client.auth.oauth2.AuthorizationCodeFlow$Builder.setScopes,
referenced from method com.wuman.android.auth.AuthorizationFlow$Builder .setScopes

我用的google-api-client-1.17.0-rc 我看了AuthorizationCodeFlow.java
只有一个 setScopes 方法
AuthorizationFlow 中的的 Builder 重载了它三个 setScopes 方法，是不是新版本里去掉了某些方法

Problem running the example

i dont know why but i cant run the example, maven doesn't create all the dependencies because there is an errore in pom file

ERROR:
Project build error: Non-resolvable parent POM: Could not find artifact com.wuman:android-oauth-client-parent:pom:0.0.3-SNAPSHOT and 'parent.relativePath' points at wrong local POM

BLOCK:
com.wuman android-oauth-client-parent 0.0.3-SNAPSHOT ../pom.xml

OAuth 1.0a 2-legged flow

How to use this library for 2-legged flow? It seems to me it requires all the links for 3-legged flow and also does the 3-legged procedure in backgraound.

Unable to initiate post request with json body

I'm using this library to access oAuth 1.0 authenticated xero API, it's working fine in GET request so I'm able to get user's data. But it's not working with POST request so I'm unable to update anything it's always throwing 400 bad request but same request working with postman.

com.google.api.client.googleapis.json.GoogleJsonResponseException: 400 Bad Request
                                                                                    at com.google.api.client.googleapis.services.json.AbstractGoogleJsonClientRequest.newExceptionOnError(AbstractGoogleJsonClientRequest.java:113)
                                                                                    at com.google.api.client.googleapis.services.json.AbstractGoogleJsonClientRequest.newExceptionOnError(AbstractGoogleJsonClientRequest.java:40)
                                                                                    at com.google.api.client.googleapis.services.AbstractGoogleClientRequest$1.interceptResponse(AbstractGoogleClientRequest.java:321)
                                                                                    at com.google.api.client.http.HttpRequest.execute(HttpRequest.java:1056)
                                                                                    at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.executeUnparsed(AbstractGoogleClientRequest.java:419)
                                                                                    at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.executeUnparsed(AbstractGoogleClientRequest.java:352)
                                                                                    at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.execute(AbstractGoogleClientRequest.java:469)
                                                                                    at com.kelltontech.aibconnectorapp.presenter.syncing.SyncPresenter$1.doInBackground(SyncPresenter.java:52)
                                                                                    at com.kelltontech.aibconnectorapp.presenter.syncing.SyncPresenter$1.doInBackground(SyncPresenter.java:40)
                                                                                    at android.os.AsyncTask$2.call(AsyncTask.java:304)
                                                                                    at java.util.concurrent.FutureTask.run(FutureTask.java:237)
                                                                                    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1133)
                                                                                    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:607)
                                                                                    at java.lang.Thread.run(Thread.java:761)

Make client work with urn:ietf:wg:oauth:2.0:oob

Right now if I set my redirect uri to 'urn:ietf:wg:oauth:2.0:oob', I can never receive a token due to the logic in OAuthDialogFragment#interceptUrlCompat. It would be nice in the AuthorizationFlow.Builder class to add a callback url and use that url in the interceptUrlCompat class instead of the redirect uri.

Not able to import to eclipse.

Too many errors showing up while importing. Am i doing something wrong. (I am using the latest android adt with lates eclipse)

Canceling authorization throws CancellationException

The methods:

waitForVerifierCode()
waitForExplicitCode()
waitForImplicitResponseUrl()

in DialogFragmentController will all throw a CancellationException if a user presses back when the authorization dialog is open, which is prone to happen. I suggest removing it or making it throw another exception. The fastest way is to just throw another IOException, which is already present in the code, and let users either ignore it or take action upon it.

java.lang.ClassCastException

java.lang.ClassCastException: com.google.api.client.auth.oauth2.AuthorizationCodeResponseUrl cannot be cast to com.google.api.client.auth.oauth2.AuthorizationCodeRequestUrl
at com.google.api.client.auth.oauth2.AuthorizationCodeResponseUrl.set(AuthorizationCodeResponseUrl.java:222)
at com.google.api.client.auth.oauth2.AuthorizationCodeResponseUrl.set(AuthorizationCodeResponseUrl.java:58)
at com.google.api.client.http.UrlEncodedParser.parse(UrlEncodedParser.java:182)
at com.google.api.client.http.UrlEncodedParser.parse(UrlEncodedParser.java:96)
at com.google.api.client.http.GenericUrl.(GenericUrl.java:165)
at com.google.api.client.http.GenericUrl.(GenericUrl.java:126)
at com.google.api.client.http.GenericUrl.(GenericUrl.java:115)
at com.google.api.client.auth.oauth2.AuthorizationCodeResponseUrl.(AuthorizationCodeResponseUrl.java:99)
at com.wuman.android.auth.OAuthDialogFragment$3.interceptUrlCompat(OAuthDialogFragment.java:361)
at com.wuman.android.auth.OAuthDialogFragment$3.shouldOverrideUrlLoading(OAuthDialogFragment.java:316)
at android.webkit.WebViewClient.shouldOverrideUrlLoading(WebViewClient.java:73)
at yk.b(PG:89)
at org.chromium.android_webview.AwContentsClientBridge.shouldOverrideUrlLoading(PG:172)
at org.chromium.base.SystemMessageHandler.nativeDoRunLoopOnce(Native Method)
at org.chromium.base.SystemMessageHandler.handleMessage(PG:9)
at android.os.Handler.dispatchMessage(Handler.java:102)
at android.os.Looper.loop(Looper.java:154)
at android.app.ActivityThread.main(ActivityThread.java:6123)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:867)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:757)

Having title bar should be a constructor option

In 0.1.0 it was removed for full screen (great!) then in 0.2.0 it was added back in. This shouldn't be a hard coded state, it should be a constructor argument whether to include the bar.

DialogFragmentController's getRedirectUri() cannot return custom URL scheme

We are implementing OAuth2 flow on android. Our own OAuths system uses custom URL to redirect from authorising page back to the app so that the app can get the authorization_token for exchanging access_token with the OAuth server. Therefore we return our custom url in getRedirectUri() of our AuthorizationUIController.

But It now throws:
java.lang.IllegalArgumentException: java.net.MalformedURLException: Unknown protocol: {our custom scheme}

I would like to ask how thie library exchange authorization_token for access_token and if it supports custom URL redirection?

Crashes on API 16 caused by FragmentManagerCompat

There is an issue with your library caused by using an API that does not correspond to your level.

FragmentManagerCompat L. 35-41

boolean isDestroyed() {
    if (supportFragmentManager != null) {
        return supportFragmentManager.isDestroyed();
    } else {
        return nativeFragmentManager.isDestroyed(); // API 17+
    }
}

Here is the documentation: http://developer.android.com/reference/android/app/FragmentManager.html#isDestroyed()

The crash was introduced by the latest PR.

Hope you find it useful and fix it soon,
Thank you.

uses java.awt

Lint gave me the following error:

../../../../../.gradle/caches/modules-2/files-2.1/com.google.oauth-client/google-oauth-client-java6/1.15.0-rc/43f887355f67498501ff3d139c0bc53591244520/google-oauth-client-java6-1.15.0-rc.jar: Invalid package reference in library; not included in Android: java.awt. Referenced from com.google.api.client.extensions.java6.auth.oauth2.AuthorizationCodeInstalledApp.

I'm assuming this error can be supressed?

This is only an error if your code calls one of the library classes which wind up referencing the unsupported package.

Im guessing this class isnt used in your project.

Add ability to easily set title for DialogFragmentController

It would be nice to just have the default DialogFragmentController be able to accept a title (preferably in the constructor) rather than override the onPrepareDialog method to set it. I also think that if no title is specified the title bar of the dialog should be removed.

Dagger 2 annotation processor crash

Hi, project does not build after adding library via Gradle.

Stacktrace.. if it helps..

An annotation processor threw an uncaught exception.
Consult the following stack trace for details.
java.lang.IllegalArgumentException: expected one element but was: <android.support.v4.app.FragmentActivity, android.support.v4.app.TaskStackBuilder.SupportParentable>
    at com.google.common.collect.Iterators.getOnlyElement(Iterators.java:317)
    at com.google.common.collect.Iterators.getOnlyElement(Iterators.java:329)
    at com.google.common.collect.Iterables.getOnlyElement(Iterables.java:302)
    at dagger.shaded.auto.common.MoreTypes.nonObjectSuperclass(MoreTypes.java:722)
    at dagger.internal.codegen.MembersInjectionBinding$Factory.forInjectedType(MembersInjectionBinding.java:224)
    at dagger.internal.codegen.InjectBindingRegistry.getOrFindMembersInjectionBinding(InjectBindingRegistry.java:261)
    at dagger.internal.codegen.BindingGraph$Factory$RequestResolver.rollUpMembersInjectionBindings(BindingGraph.java:374)
    at dagger.internal.codegen.BindingGraph$Factory$RequestResolver.rollUpMembersInjectionBindings(BindingGraph.java:378)
    at dagger.internal.codegen.BindingGraph$Factory$RequestResolver.rollUpMembersInjectionBindings(BindingGraph.java:378)
    at dagger.internal.codegen.BindingGraph$Factory$RequestResolver.rollUpMembersInjectionBindings(BindingGraph.java:378)
    at dagger.internal.codegen.BindingGraph$Factory$RequestResolver.lookUpBindings(BindingGraph.java:366)
    at dagger.internal.codegen.BindingGraph$Factory$RequestResolver.resolve(BindingGraph.java:461)
    at dagger.internal.codegen.BindingGraph$Factory.create(BindingGraph.java:228)
    at dagger.internal.codegen.BindingGraph$Factory.create(BindingGraph.java:151)
    at dagger.internal.codegen.ComponentProcessingStep.process(ComponentProcessingStep.java:76)
    at dagger.shaded.auto.common.BasicAnnotationProcessor.process(BasicAnnotationProcessor.java:228)
    at com.sun.tools.javac.processing.JavacProcessingEnvironment.callProcessor(JavacProcessingEnvironment.java:794)
    at com.sun.tools.javac.processing.JavacProcessingEnvironment.discoverAndRunProcs(JavacProcessingEnvironment.java:705)
    at com.sun.tools.javac.processing.JavacProcessingEnvironment.access$1800(JavacProcessingEnvironment.java:91)
    at com.sun.tools.javac.processing.JavacProcessingEnvironment$Round.run(JavacProcessingEnvironment.java:1035)
etc..

Note : Did not try to inject anything. i've just add gradle dependency and proguard rules.

Best regards

Does oAuth client work with Honeycomb (3.1 or 3.0)?

I get this error when I attempt to use oAuth client with Honeycomb devices. I am using explicit authorization with GitHub as the provider.

Remove android:allowBackup from library

This should only be declared in the app -- it's actually giving me an error on my build when I include the library (even when I try to exclude it using tools:replace="android:allowBackup"

Update Maven version/instructions in README

First off, thanks for the lib, it seems like exactly what I need. Onto my issue...

I'm a bit new to gradle, trying to figure out how to use this project.

I see the latest version in the [Maven Repo](http://search.maven.org/#search|gav|1|g:"com.wu-man" AND a:"android-oauth-client") is 0.4.5, and the samples require a version newer than 0.0.3.

When I tried to plug in compile 'com.wu-man:android-oauth-client:0.4.5' into my dependencies block I got an error saying that the lib depends on libraries but is a jar. Not sure exactly what this means, but after looking around on the internet I got the tip to append @aar to the end, so compile 'com.wu-man:android-oauth-client:0.4.5@aar' which seemed to work.

But then my further com.google.api.client imports no longer worked. I'm assuming that installing the aar version doesn't include dependencies or something? I'm working towards it.

Conversion to Dalvik format failed with error 1

After adding:

com.wu-man
android-oauth-client
0.0.2

I get a "Conversion to Dalvik format failed with error 1". Any suggestions?

NullPointerException If do not set the "Request Initializer"

@Override
public AuthorizationCodeTokenRequest newTokenRequest(String authorizationCode) {
    return new LenientAuthorizationCodeTokenRequest(getTransport(), getJsonFactory(),
            new GenericUrl(getTokenServerEncodedUrl()), authorizationCode)
            .setClientAuthentication(getClientAuthentication())
            .setScopes(getScopes())
            .setRequestInitializer(
                    new HttpRequestInitializer() {
                        @Override
                        public void initialize(HttpRequest request) throws IOException {
                             //NullPointerException If do not set the "Request Initializer"
                            getRequestInitializer().initialize(request);
                            request.getHeaders().setAccept("application/json");
                        }
                    });
}

can you host the javadocs on github

title

example for google planned?

(0.4.5) ProgressBar not hiding properly, maven repo code does not match github repo

Hi, first of all thank you for putting effort to simplify the Oauth flow mess. i have noticed 2 issues at this moment.

progressbar doesnt always hide when the authentication dialog finishes its rendering.
I suppose that the github repo code should match the code stored in maven repo but it isnt,
actually you require to download the repository and import the library as a project.

Help

How to refresh a token , i dont know please help me to get new token.

i am integrating to uber.
the below code working fine.
My code:

SharedPreferencesCredentialStore credentialStore =
new SharedPreferencesCredentialStore(this,
"preferenceFileName", new JacksonFactory());

        AuthorizationFlow.Builder builder = new AuthorizationFlow.Builder(
                BearerToken.authorizationHeaderAccessMethod(),
                AndroidHttp.newCompatibleTransport(),
                new JacksonFactory(),
                new GenericUrl("https://login.uber.com/oauth/token"),
                new ClientParametersAuthentication("ADQjXcw8g7IG2d_wS2Yb0k0KA9YwKvYS",
                        "7R3GUDd-wW4Obtis9fKNkhvYL6t9Mz9hb3Z5Je5w"),
                "ADQjXcw8g7IG2d_wS2Yb0k0KA9YwKvYS",
                "https://login.uber.com/oauth/authorize");
        builder.setCredentialStore(credentialStore);
        ArrayList<String> scopes = new ArrayList<>();
        scopes.add("profile");
        scopes.add("places");
        //   scopes.add("request");
        builder.setScopes(scopes);
        AuthorizationFlow flow = builder.build();

        AuthorizationUIController controller =
                new DialogFragmentController(getFragmentManager()) {


                    @Override
                    public String getRedirectUri() throws IOException {
                        return "https://grabbngo";
                    }

                    @Override
                    public boolean isJavascriptEnabledForWebView() {
                        return false;
                    }

                    @Override
                    public boolean disableWebViewCache() {
                        return false;
                    }

                    @Override
                    public boolean removePreviousCookie() {
                        return false;
                    }
                };

        OAuthManager oauth = new OAuthManager(flow, controller);

        OAuthManager.OAuthCallback<Credential> callback = new OAuthManager.OAuthCallback<Credential>() {
            @Override
            public void run(OAuthManager.OAuthFuture<Credential> future) {
                try {
                    Credential credential = future.getResult();

                    //credential.getRefreshToken();

                    getUberStuff(credential.getAccessToken());
                } catch (Exception e) {
                    e.printStackTrace();
                }
            }
        };
        oauth.authorizeImplicitly("userId", callback, new Handler());
    }

void getUberStuff(final String token) throws AuthFailureError {
StringRequest stringRequest = new StringRequest(Request.Method.GET, "https://api.uber.com/v1/me",
new Response.Listener() {
@OverRide
public void onResponse(String response) {
Log.wtf("uresp", response);
try {
JSONObject jo = new JSONObject(response);
String img = jo.getString("picture");
String fname = jo.getString("first_name");
String lname = jo.getString("last_name");
String uuid = jo.getString("uuid");
String rider_id = jo.getString("rider_id");
String email = jo.getString("email");

                        prefs.edit().putString("lid", rider_id).putString("profileimg", img).putString("email", email).
                                putString("fname", fname).putString("lname", lname).
                                putString("token", token).
                                putString("source", "uber").commit();

                        startActivity(new Intent(Step1Activity.this, Step2Activity.class));
                        Step1Activity.this.finish();

                    } catch (JSONException e) {
                        e.printStackTrace();
                    }
                }
            }, new Response.ErrorListener() {
        @Override
        public void onErrorResponse(VolleyError error) {
            Log.wtf("uerr", error.toString());
        }
    }) {
        @Override
        public Map<String, String> getHeaders() throws AuthFailureError {

            Map<String, String> params = new HashMap<>();
            params.put("Authorization", "bearer " + token);
            return params;
        }
    };


    MyApp.q.add(stringRequest);
}

Client id and secret are public in github sample

Hi,

Public url

in above URL , client id and secret are public , I suggest using grade or some other ways to hide client secret from public.

Unable to use self signed certificate

I have a spring based authorization server running on my pc with self signed certificate.
In this case I'm unable to connect to the authorization server.

I get the following exception:

I/X509Util: Failed to validate the certificate chain, error: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

I have created the following controller object with setting the webView's WebViewClient:

AuthorizationUIController controller = new DialogFragmentController(getFragmentManager(), true) {
	@Override
	public String getRedirectUri() throws IOException {
		return REDIRECT_URI;
	}

	@Override
	public boolean isJavascriptEnabledForWebView() {
		return true;
	}

	@Override
	public boolean disableWebViewCache() {
		return false;
	}

	@Override
	public boolean removePreviousCookie() {
		return false;
	}

	@Override
	public View onCreateView(LayoutInflater inflater, ViewGroup container, Bundle savedInstanceState) {
		View oauthLoginLayout = inflater.inflate(R.layout.oauth_login_layout, container, false);
		WebView webView = (WebView) oauthLoginLayout.findViewById(android.R.id.primary);
		if(webView != null) {
			webView.setWebViewClient(new WebViewClient() {
				public void onReceivedSslError (WebView view, SslErrorHandler handler, SslError error) {
					handler.proceed();
				}
			});
		}
		return oauthLoginLayout;
	}
};

But this has no effect, because in OAuthDialogFragment's onViewCreated method, the webView's WebViewClient is being set, so my custom WebViewClient is never used.

There should be an option to enable self signed certificates for the webview for testing purposes.

Merge fails for the manifest - need to update docs

Users should add tools:replace="android:allowBackup" to the application in the manifest.

createprocess error=2, the system cannot find the file

i have downloaded the zip and tried to open the project using android studio. i got the above error.when i click on the open file, it was opening to the line "def lastGitTag = "git describe --tags HEAD".execute().text".
i thought the reason could be because i do not have git on my system. so i installed git and set the git.exe path in settings. but still i get the same error.

i do not know what the reason could be. i want to have a look at the samples by running the project in android studio. but i am not able to build the project. please help

How can one refresh the access_token with this client ?

Set refresh_token, access_token et.c manually?

I fetch my oauth access_token via a normal http POST call. Is it possible to set the values of the framework after this? From what I can see mFlow is private and there are not public methods that help me.

Facebook and Google +

Is there an easy way to manage both connections? Does anybody knows which ones are the right parameters to set for doing a proper connection?

Broken: Samples/Simple OAuth 2.0 Explicit (foursquare)

I'm basing an app I'm writing off of the Foursquare example, and yet when I run the samples app and attempt to click on the Explicit (foursquare) choice, I get the following:

07-20 11:34:57.749    4619-4619/com.wuman.oauth.samples E/AndroidRuntime﹕ FATAL EXCEPTION: main
    Process: com.wuman.oauth.samples, PID: 4619
    java.lang.IllegalArgumentException: Object returned from onCreateLoader must not be a non-static inner member class: GetTokenLoader{13750ad7 id=0}
            at android.support.v4.app.LoaderManagerImpl$LoaderInfo.start(LoaderManager.java:257)
            at android.support.v4.app.LoaderManagerImpl.installLoader(LoaderManager.java:513)
            at android.support.v4.app.LoaderManagerImpl.createAndInstallLoader(LoaderManager.java:500)
            at android.support.v4.app.LoaderManagerImpl.initLoader(LoaderManager.java:553)
            at com.wuman.oauth.samples.foursquare.SimpleOAuth2ExplicitActivity$OAuthFragment$1.onClick(SimpleOAuth2ExplicitActivity.java:124)
            at android.view.View.performClick(View.java:4780)
            at android.view.View$PerformClick.run(View.java:19866)
            at android.os.Handler.handleCallback(Handler.java:739)
            at android.os.Handler.dispatchMessage(Handler.java:95)
            at android.os.Looper.loop(Looper.java:135)
            at android.app.ActivityThread.main(ActivityThread.java:5254)
            at java.lang.reflect.Method.invoke(Native Method)
            at java.lang.reflect.Method.invoke(Method.java:372)
            at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:903)
            at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:698)

It bombs out here.

Any insight?

Add isAuthorized(String userId) method for SharedPreferencesCredentialStore

It would be nice to know before using the OAuthManager whether or not a valid Credential exists for a given user. Of course you could load the credential with the load(String userId, Credential credential) method and do the same logic test for determining it's validity within OAuthManager's authorize methods, but it would be nice to have this functionality within the library itself. Something like:

SharedPreferencesCredentialStore credentialStore = new SharedPreferencesCredentialStore(this, "credentialStore", new JacksonFactory());
boolean authorized = credentialStore.isAuthorized("userId");

Oauth should open in browser instead of WebView

According to Google, It is strongly recommended that we do not use OAuth with WebView.
https://developers.google.com/identity/protocols/OAuth2InstalledApp
Is there any plan to update and allow System Browser along with WebView or atleast an option to handle it by developer. Currently the library forces the WebView.

can't use in Android Studio 1.2.1.1

the compile dependency 0.0.3 is totally outdated, and I cannot import library/module as a module into another project.

and when attempting to build using the library AAR, I get the dreaded com.android.dex.DexException: Multiple dex files define Lorg/codehaus/jackson/Base64Variant;

Any way to know if already authenticated?

I have to load one fragment or another depending on the current authentication. Is it possible to check if you are already authenticated?

I'm using the OAuth implicit flow

Incorrect credential expiry time stored when using implicit auth

There is a bug in com.wuman.android.auth.AuthorizationFlow that causes the wrong expiry time value to be stored when using the implicit authorization flow.

In createAndStoreCredential(ImplicitResponseUrl, String) on line 323:
.setExpirationTimeMilliseconds(implicitResponse.getExpiresInSeconds())
This should actually be:
.setExpiresInSeconds(implicitResponse.getExpiresInSeconds())

Error:Module 'com.wu-man:android-oauth-client:0.4.4' depends on one or more Android Libraries but is a jar

getting this build error in gradle.

one work around is to force it to use the aar by putting

compile 'com.wu-man:android-oauth-client:0.4.4@aar' in the gradle dependecies

Doc Comment says User ID can be null but in code it is validated for Not null

In OAuthManager class, the doc comments for the authorization method says that the user id can be null if not using a persisted credential store, but in code it is validated to be not null.

redirect URL for Linkedin?

The LinkedIn app registration page insists on an absolute, https redirect (see also docs).

How can I use this in my own app? http://localhost/Callback cannot be used? (I'm trying to reuse the library part.)

oAuth2 results in nullpointer exception

Hi,

With the current version (0.4.5), I get a nullpointer:
05-02 15:31:11.084 19604-19604/com.shoutbox_app.shoutboxapp E/AndroidRuntime﹕ FATAL EXCEPTION: main
Process: com.shoutbox_app.shoutboxapp, PID: 19604
java.lang.NullPointerException: Attempt to invoke interface method 'void com.google.api.client.http.HttpRequestInitializer.initialize(com.google.api.client.http.HttpRequest)' on a null object reference
at com.wuman.android.auth.AuthorizationFlow$1.initialize(AuthorizationFlow.java:229)
at com.wuman.android.auth.oauth2.explicit.LenientAuthorizationCodeTokenRequest$1.initialize(LenientAuthorizationCodeTokenRequest.java:142)
at com.google.api.client.http.HttpRequestFactory.buildRequest(HttpRequestFactory.java:93)
at com.google.api.client.http.HttpRequestFactory.buildPostRequest(HttpRequestFactory.java:133)
at com.wuman.android.auth.oauth2.explicit.LenientAuthorizationCodeTokenRequest.executeLeniently(LenientAuthorizationCodeTokenRequest.java:158)
at com.wuman.android.auth.oauth2.explicit.LenientAuthorizationCodeTokenRequest.execute(LenientAuthorizationCodeTokenRequest.java:104)
at com.wuman.android.auth.OAuthManager$3.doWork(OAuthManager.java:206)
at com.wuman.android.auth.OAuthManager$BaseFutureTask.startTask(OAuthManager.java:420)
at com.wuman.android.auth.OAuthManager$Future2Task.start(OAuthManager.java:443)
at com.wuman.android.auth.OAuthManager$5.run(OAuthManager.java:399)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:422)
at java.util.concurrent.FutureTask.run(FutureTask.java:237)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587)
at java.lang.Thread.run(Thread.java:818)

The cause seems to be coming from this commit: 13bb765 I downgraded to 0.4.3, and afterwards it doesn't crash anymore.

Claims

The server supports few claims, how can i added claims to the token request url.

0.4.4 on Maven Central broken

If using compile 'com.wu-man:android-oauth-client:0.4.4' or compile 'com.wu-man:android-oauth-client:+'
the build fails with Error:(14, 30) error: package com.wuman.android.auth does not exist at all imports of com.wuman.... (ex: import com.wuman.android.auth.AuthorizationFlow;)

Using 0.4.3 explicitly fixes the issue, so this looks to be a regression in 0.4.4