dw.customer.oauth
Class OAuthLoginFlowMgr
dw.customer.oauth.OAuthLoginFlowMgrThe OAuthLoginFlowMgr encapsulates interactions with third party
OAuth providers to support the Authorization Code Flow.
The way to use is:
The way to use is:
- call initiateOAuthLogin(String)
- redirect the user to the returned link
- when the user authenticates there the server will call back to a URL configured on the provider's web site
- when processing the request made from the provider's web site you have two choices - either call the obtainAccessToken() and obtainUserInfo(String, String) methods one after another separately (gives you more flexibility), or call the finalizeOAuthLogin() method which internally calls the other two (simpler to use).
var finalizedResponse : OAuthFinalizedResponse = OAuthLoginFlowMgr.finalizeOAuthLogin();
var userInfo = finalizedResponse.userInfoResponse.userInfo;
var accessTokenResponse : OAuthAccessTokenResponse = OAuthLoginFlowMgr.obtainAccessToken();
var userInfoResponse : OAuthUserInfoResponse = OAuthLoginFlowMgr
.obtainUserInfo(accessTokenResponse.oauthProviderId, accessTokenResponse.accessToken);
var userInfo = userInfoResponse.userInfo;
Constructor Summary
Method Summary
static finalizeOAuthLogin()
:
OAuthFinalizedResponse
This method works in tandem with the initiateOAuthLogin(String) method.
static initiateOAuthLogin(oauthProviderId
:
String)
:
URLRedirect
This method works in tandem with another method - finalizeOAuthLogin().
static obtainAccessToken()
:
OAuthAccessTokenResponse
This method is called internally by finalizeOAuthLogin().
static obtainUserInfo(oauthProviderId
:
String, accessToken
:
String)
:
OAuthUserInfoResponse
This method is called internally by finalizeOAuthLogin().
Methods inherited from class
Object
assign, create, create, defineProperties, defineProperty, entries, freeze, fromEntries, getOwnPropertyDescriptor, getOwnPropertyNames, getOwnPropertySymbols, getPrototypeOf, hasOwnProperty, is, isExtensible, isFrozen, isPrototypeOf, isSealed, keys, preventExtensions, propertyIsEnumerable, seal, setPrototypeOf, toLocaleString, toString, valueOf, values
Method Detail
finalizeOAuthLogin
static finalizeOAuthLogin()
:
OAuthFinalizedResponse
This method works in tandem with the initiateOAuthLogin(String) method.
After the user has been redirected to the URL returned by that method
to the external OAuth2 provider and the user has interacted with the provider's
site, the browser is redirected to a URL configured on the provider's web
site. This URL should be that of a pipeline that contains
a script invoking the finalizeOAuthLogin method.
At this point the user has either been authenticated by the external provider or not (forgot password, or simply refused to provide credentials). If the user has been authenticated by the external provider and the provider returns an authentication code, this method exchanges the code for a token and with that token it requests from the provider the user information specified by the configured scope (id, first/last name, email, etc.).
The method is aggregation of two other methods - obtainAccessToken() and obtainUserInfo(String, String) and is provided for convenience. You may want to use the two individual methods instead if you need more flexibility.
This supports the Authorization Code Flow.
At this point the user has either been authenticated by the external provider or not (forgot password, or simply refused to provide credentials). If the user has been authenticated by the external provider and the provider returns an authentication code, this method exchanges the code for a token and with that token it requests from the provider the user information specified by the configured scope (id, first/last name, email, etc.).
The method is aggregation of two other methods - obtainAccessToken() and obtainUserInfo(String, String) and is provided for convenience. You may want to use the two individual methods instead if you need more flexibility.
This supports the Authorization Code Flow.
Returns:
the user info on success, null otherwise
initiateOAuthLogin
This method works in tandem with another method - finalizeOAuthLogin().
It starts the process of authentication via an external OAuth2 provider. It
takes one parameter - OAuthProviderId (as configured in the system). Outputs
an URL pointing to the OAuth2 provider's web page to which the browser should
redirect to initiate the actual user authentication or NULL if there is an
invalid configuration or an error occurs.
The method stores a few key/values in the session
(Session.getPrivacy(), implementation specific parameters and may change at any time)
to be picked up by the finalizeOAuthLogin() method when the provider redirects back.
This supports the Authorization Code Flow.
This supports the Authorization Code Flow.
Parameters:
oauthProviderId
-
the OAuth provider id
Returns:
URL to redirect to
obtainAccessToken
static obtainAccessToken()
:
OAuthAccessTokenResponse
This method is called internally by finalizeOAuthLogin().
There are customer requests to expose a more granular way of
doing the interactions that finalizeOAuthLogin is currently doing
with the third party OAuth server to accommodate certain providers.
This supports the Authorization Code Flow.
This supports the Authorization Code Flow.
Returns:
the access token response
obtainUserInfo
This method is called internally by finalizeOAuthLogin().
There are customer requests to expose a more granular way of
doing the interactions that finalizeOAuthLogin is currently doing
with the third party OAuth server to accommodate certain providers.
This supports the Authorization Code Flow.
This supports the Authorization Code Flow.
Parameters:
oauthProviderId
-
the OAuth provider id
accessToken
-
the OAuth provider's access token
Returns:
the user info response