| OLD | NEW |
|---|
| 1 A client library for authenticating with a remote service via OAuth2 on | 1 A client library for authenticating with a remote service via OAuth2 on |
| 2 behalf of a user, and making authorized HTTP requests with the user's OAuth2 | 2 behalf of a user, and making authorized HTTP requests with the user's OAuth2 |
| 3 credentials. | 3 credentials. |
| 4 | 4 |
| 5 OAuth2 allows a client (the program using this library) to access and | 5 OAuth2 allows a client (the program using this library) to access and |
| 6 manipulate a resource that's owned by a resource owner (the end user) and | 6 manipulate a resource that's owned by a resource owner (the end user) and |
| 7 lives on a remote server. The client directs the resource owner to an | 7 lives on a remote server. The client directs the resource owner to an |
| 8 authorization server (usually but not always the same as the server that | 8 authorization server (usually but not always the same as the server that |
| 9 hosts the resource), where the resource owner tells the authorization server | 9 hosts the resource), where the resource owner tells the authorization server |
| 10 to give the client an access token. This token serves as proof that the | 10 to give the client an access token. This token serves as proof that the |
| (...skipping 30 matching lines...) Expand all Loading... |
| 41 // with certainty that a client is who it claims to be. | 41 // with certainty that a client is who it claims to be. |
| 42 final identifier = "my client identifier"; | 42 final identifier = "my client identifier"; |
| 43 final secret = "my client secret"; | 43 final secret = "my client secret"; |
| 44 | 44 |
| 45 // This is a URL on your application's server. The authorization server | 45 // This is a URL on your application's server. The authorization server |
| 46 // will redirect the resource owner here once they've authorized the | 46 // will redirect the resource owner here once they've authorized the |
| 47 // client. The redirection will include the authorization code in the | 47 // client. The redirection will include the authorization code in the |
| 48 // query parameters. | 48 // query parameters. |
| 49 final redirectUrl = Uri.parse("http://my-site.com/oauth2-redirect"); | 49 final redirectUrl = Uri.parse("http://my-site.com/oauth2-redirect"); |
| 50 | 50 |
| 51 var credentialsFile = new File("~/.myapp/credentials.json"); | 51 /// A file in which the users credentials are stored persistently. If the server |
| 52 return credentialsFile.exists().then((exists) { | 52 /// issues a refresh token allowing the client to refresh outdated credentials, |
| 53 // If the OAuth2 credentials have already been saved from a previous | 53 /// these may be valid indefinitely, meaning the user never has to |
| 54 // run, we just want to reload them. | 54 /// re-authenticate. |
| 55 final credentialsFile = new File("~/.myapp/credentials.json"); |
| 56 |
| 57 /// Either load an OAuth2 client from saved credentials or authenticate a new |
| 58 /// one. |
| 59 Future<oauth2.Client> getClient() async { |
| 60 var exists = await credentialsFile.exists(); |
| 61 |
| 62 // If the OAuth2 credentials have already been saved from a previous run, we |
| 63 // just want to reload them. |
| 55 if (exists) { | 64 if (exists) { |
| 56 return credentialsFile.readAsString().then((json) { | 65 var credentials = new oauth2.Credentials.fromJson( |
| 57 var credentials = new oauth2.Credentials.fromJson(json); | 66 await credentialsFile.readAsString()); |
| 58 return new oauth2.Client(identifier, secret, credentials); | 67 return new oauth2.Client(identifier, secret, credentials); |
| 59 }); | |
| 60 } | 68 } |
| 61 | 69 |
| 62 // If we don't have OAuth2 credentials yet, we need to get the | 70 // If we don't have OAuth2 credentials yet, we need to get the resource owner |
| 63 // resource owner to authorize us. We're assuming here that we're a | 71 // to authorize us. We're assuming here that we're a command-line application. |
| 64 // command-line application. | |
| 65 var grant = new oauth2.AuthorizationCodeGrant( | 72 var grant = new oauth2.AuthorizationCodeGrant( |
| 66 identifier, secret, authorizationEndpoint, tokenEndpoint); | 73 identifier, secret, authorizationEndpoint, tokenEndpoint); |
| 67 | 74 |
| 68 // Redirect the resource owner to the authorization URL. This will be | 75 // Redirect the resource owner to the authorization URL. This will be a URL on |
| 69 // a URL on the authorization server (authorizationEndpoint with some | 76 // the authorization server (authorizationEndpoint with some additional query |
| 70 // additional query parameters). Once the resource owner has | 77 // parameters). Once the resource owner has authorized, they'll be redirected |
| 71 // authorized, they'll be redirected to `redirectUrl` with an | 78 // to `redirectUrl` with an authorization code. |
| 72 // authorization code. | |
| 73 // | 79 // |
| 74 // `redirect` is an imaginary function that redirects the resource | 80 // `redirect` is an imaginary function that redirects the resource |
| 75 // owner's browser. | 81 // owner's browser. |
| 76 return redirect(grant.getAuthorizationUrl(redirectUrl)).then((_) { | 82 await redirect(grant.getAuthorizationUrl(redirectUrl)); |
| 77 // Another imaginary function that listens for a request to | 83 |
| 78 // `redirectUrl`. | 84 // Another imaginary function that listens for a request to `redirectUrl`. |
| 79 return listen(redirectUrl); | 85 var request = await listen(redirectUrl); |
| 80 }).then((request) { | 86 |
| 81 // Once the user is redirected to `redirectUrl`, pass the query | 87 // Once the user is redirected to `redirectUrl`, pass the query parameters to |
| 82 // parameters to the AuthorizationCodeGrant. It will validate them | 88 // the AuthorizationCodeGrant. It will validate them and extract the |
| 83 // and extract the authorization code to create a new Client. | 89 // authorization code to create a new Client. |
| 84 return grant.handleAuthorizationResponse(request.uri.queryParameters); | 90 return await grant.handleAuthorizationResponse(request.uri.queryParameters); |
| 85 }) | 91 } |
| 86 }).then((client) { | 92 |
| 87 // Once you have a Client, you can use it just like any other HTTP | 93 main() async { |
| 88 // client. | 94 var client = await loadClient(); |
| 89 return client.read("http://example.com/protected-resources.txt") | 95 |
| 90 .then((result) { | 96 // Once you have a Client, you can use it just like any other HTTP client. |
| 91 // Once we're done with the client, save the credentials file. This | 97 var result = client.read("http://example.com/protected-resources.txt"); |
| 92 // ensures that if the credentials were automatically refreshed | 98 |
| 93 // while using the client, the new credentials are available for the | 99 // Once we're done with the client, save the credentials file. This ensures |
| 94 // next run of the program. | 100 // that if the credentials were automatically refreshed while using the |
| 95 return credentialsFile.open(FileMode.WRITE).then((file) { | 101 // client, the new credentials are available for the next run of the |
| 96 return file.writeString(client.credentials.toJson()); | 102 // program. |
| 97 }).then((file) => file.close()).then((_) => result); | 103 await credentialsFile.writeAsString(client.credentials.toJson()); |
| 98 }); | 104 |
| 99 }).then(print); | 105 print(result); |
| 106 } |
| 100 ``` | 107 ``` |
| OLD | NEW |
|---|
Chromium Code Reviews
