Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(27)

Side by Side Diff: pkg/oauth2/lib/src/client.dart

Issue 11420025: Add a package for authenticating via OAuth2. (Closed) Base URL: https://dart.googlecode.com/svn/branches/bleeding_edge/dart
Patch Set: Refresh token fixes and code review changes Created 8 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « pkg/oauth2/lib/src/authorization_exception.dart ('k') | pkg/oauth2/lib/src/credentials.dart » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file
2 // for details. All rights reserved. Use of this source code is governed by a
3 // BSD-style license that can be found in the LICENSE file.
4
5 library client;
6
7 import 'dart:uri';
8
9 import '../../../http/lib/http.dart' as http;
10
11 import 'credentials.dart';
12 import 'expiration_exception.dart';
13 import 'utils.dart';
14
15 // TODO(nweiz): Add an onCredentialsRefreshed event once we have some event
16 // infrastructure.
17 /// An OAuth2 client. This acts as a drop-in replacement for an
18 /// [http.BaseClient], while sending OAuth2 authorization credentials along with
19 /// each request.
20 ///
21 /// The client also automatically refreshes its credentials if possible. When it
22 /// makes a request, if its credentials are expired, it will first refresh them.
23 /// This means that any request may throw an [AuthorizationException] if the
24 /// refresh is not authorized for some reason, a [FormatException] if the
25 /// authorization server provides ill-formatted responses, or an
26 /// [ExpirationException] if the credentials are expired and can't be refreshed.
27 ///
28 /// Currently this client doesn't attempt to identify errors from the resource
29 /// server that are caused by authentication failure. However, it may throw
30 /// [AuthorizationException]s for such errors in the future.
31 ///
32 /// If you already have a set of [Credentials], you can construct a [Client]
33 /// directly. However, in order to first obtain the credentials, you must
34 /// authorize. At the time of writing, the only authorization method this
35 /// library supports is [AuthorizationCodeGrant].
36 class Client extends http.BaseClient {
37 /// The client identifier for this client. The authorization server will issue
38 /// each client a separate client identifier and secret, which allows the
39 /// server to tell which client is accessing it. Some servers may also have an
40 /// anonymous identifier/secret pair that any client may use.
41 ///
42 /// This is usually global to the program using this library.
43 final String identifier;
44
45 /// The client secret for this client. The authorization server will issue
46 /// each client a separate client identifier and secret, which allows the
47 /// server to tell which client is accessing it. Some servers may also have an
48 /// anonymous identifier/secret pair that any client may use.
49 ///
50 /// This is usually global to the program using this library.
51 ///
52 /// Note that clients whose source code or binary executable is readily
53 /// available may not be able to make sure the client secret is kept a secret.
54 /// This is fine; OAuth2 servers generally won't rely on knowing with
55 /// certainty that a client is who it claims to be.
56 final String secret;
57
58 /// The credentials this client uses to prove to the resource server that it's
59 /// authorized. This may change from request to request as the credentials
60 /// expire and the client refreshes them automatically.
61 Credentials get credentials => _credentials;
62 Credentials _credentials;
63
64 /// The underlying HTTP client.
65 http.BaseClient _httpClient;
66
67 /// Creates a new client from a pre-existing set of credentials. When
68 /// authorizing a client for the first time, you should use
69 /// [AuthorizationCodeGrant] instead of constructing a [Client] directly.
70 ///
71 /// [httpClient] is the underlying client that this forwards requests to after
72 /// adding authorization credentials to them.
73 Client(
74 this.identifier,
75 this.secret,
76 this._credentials,
77 {http.BaseClient httpClient})
78 : _httpClient = httpClient == null ? new http.Client() : httpClient;
79
80 /// Sends an HTTP request with OAuth2 authorization credentials attached. This
81 /// will also automatically refresh this client's [Credentials] before sending
82 /// the request if necessary.
83 Future<http.StreamedResponse> send(http.BaseRequest request) {
84 return async.chain((_) {
85 if (!credentials.isExpired) return new Future.immediate(null);
86 if (!credentials.canRefresh) throw new ExpirationException(credentials);
87 return refreshCredentials();
88 }).chain((_) {
89 request.headers['authorization'] = "Bearer ${credentials.accessToken}";
90 return _httpClient.send(request);
91 });
92 // TODO(nweiz): parse 401 errors that are caused by OAuth errors here.
93 }
94
95 /// Explicitly refreshes this client's credentials. Returns this client.
96 ///
97 /// This will throw a [StateError] if the [Credentials] can't be refreshed, an
98 /// [AuthorizationException] if refreshing the credentials fails, or a
99 /// [FormatError] if the authorization server returns invalid responses.
100 ///
101 /// You may request different scopes than the default by passing in
102 /// [newScopes]. These must be a subset of the scopes in the
103 /// [Credentials.scopes] field of [Client.credentials].
104 Future<Client> refreshCredentials([List<String> newScopes]) {
105 return async.chain((_) {
106 if (!credentials.canRefresh) {
107 var prefix = "OAuth credentials";
108 if (credentials.isExpired) prefix = "$prefix have expired and";
109 throw new StateError("$prefix can't be refreshed.");
110 }
111
112 return credentials.refresh(identifier, secret,
113 newScopes: newScopes, httpClient: _httpClient);
114 }).transform((credentials) {
115 _credentials = credentials;
116 return this;
117 });
118 }
119
120 /// Closes this client and its underlying HTTP client.
121 void close() {
122 if (_httpClient != null) _httpClient.close();
123 _httpClient = null;
124 }
125 }
OLDNEW
« no previous file with comments | « pkg/oauth2/lib/src/authorization_exception.dart ('k') | pkg/oauth2/lib/src/credentials.dart » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698