Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(205)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: pkg/oauth2/README.md

Issue 213083003: Move the oauth2 library documentation to a README. (Closed) Base URL: https://dart.googlecode.com/svn/branches/bleeding_edge/dart
Patch Set: code review Created 6 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « pkg/oauth2/CHANGELOG.md ('k') | pkg/oauth2/lib/oauth2.dart » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 A client library for authenticating with a remote service via OAuth2 on
2 behalf of a user, and making authorized HTTP requests with the user's OAuth2
3 credentials. Currently this only works where `dart:io` is available.
4
5 OAuth2 allows a client (the program using this library) to access and
6 manipulate a resource that's owned by a resource owner (the end user) and
7 lives on a remote server. The client directs the resource owner to an
8 authorization server (usually but not always the same as the server that
9 hosts the resource), where the resource owner tells the authorization server
10 to give the client an access token. This token serves as proof that the
11 client has permission to access resources on behalf of the resource owner.
12
13 OAuth2 provides several different methods for the client to obtain
14 authorization. At the time of writing, this library only supports the
15 [AuthorizationCodeGrant][] method, but further methods may be added in the
16 future. The following example uses this method to authenticate, and assumes
17 that the library is being used by a server-side application.
18
19 [AuthorizationCodeGrant]: https://api.dartlang.org/apidocs/channels/stable/#oaut h2/oauth2.AuthorizationCodeGrant
20
21 ```dart
22 import 'dart:io'
23 import 'package:oauth2/oauth2.dart' as oauth2;
24
25 // These URLs are endpoints that are provided by the authorization
26 // server. They're usually included in the server's documentation of its
27 // OAuth2 API.
28 final authorizationEndpoint =
29 Uri.parse("http://example.com/oauth2/authorization");
30 final tokenEndpoint =
31 Uri.parse("http://example.com/oauth2/token");
32
33 // The authorization server will issue each client a separate client
34 // identifier and secret, which allows the server to tell which client
35 // is accessing it. Some servers may also have an anonymous
36 // identifier/secret pair that any client may use.
37 //
38 // Note that clients whose source code or binary executable is readily
39 // available may not be able to make sure the client secret is kept a
40 // secret. This is fine; OAuth2 servers generally won't rely on knowing
41 // with certainty that a client is who it claims to be.
42 final identifier = "my client identifier";
43 final secret = "my client secret";
44
45 // This is a URL on your application's server. The authorization server
46 // will redirect the resource owner here once they've authorized the
47 // client. The redirection will include the authorization code in the
48 // query parameters.
49 final redirectUrl = Uri.parse("http://my-site.com/oauth2-redirect");
50
51 var credentialsFile = new File("~/.myapp/credentials.json");
52 return credentialsFile.exists().then((exists) {
53 // If the OAuth2 credentials have already been saved from a previous
54 // run, we just want to reload them.
55 if (exists) {
56 return credentialsFile.readAsString().then((json) {
57 var credentials = new oauth2.Credentials.fromJson(json);
58 return new oauth2.Client(identifier, secret, credentials);
59 });
60 }
61
62 // If we don't have OAuth2 credentials yet, we need to get the
63 // resource owner to authorize us. We're assuming here that we're a
64 // command-line application.
65 var grant = new oauth2.AuthorizationCodeGrant(
66 identifier, secret, authorizationEndpoint, tokenEndpoint);
67
68 // Redirect the resource owner to the authorization URL. This will be
69 // a URL on the authorization server (authorizationEndpoint with some
70 // additional query parameters). Once the resource owner has
71 // authorized, they'll be redirected to `redirectUrl` with an
72 // authorization code.
73 //
74 // `redirect` is an imaginary function that redirects the resource
75 // owner's browser.
76 return redirect(grant.getAuthorizationUrl(redirectUrl)).then((_) {
77 // Another imaginary function that listens for a request to
78 // `redirectUrl`.
79 return listen(redirectUrl);
80 }).then((request) {
81 // Once the user is redirected to `redirectUrl`, pass the query
82 // parameters to the AuthorizationCodeGrant. It will validate them
83 // and extract the authorization code to create a new Client.
84 return grant.handleAuthorizationResponse(request.uri.queryParameters);
85 })
86 }).then((client) {
87 // Once you have a Client, you can use it just like any other HTTP
88 // client.
89 return client.read("http://example.com/protected-resources.txt")
90 .then((result) {
91 // Once we're done with the client, save the credentials file. This
92 // ensures that if the credentials were automatically refreshed
93 // while using the client, the new credentials are available for the
94 // next run of the program.
95 return credentialsFile.open(FileMode.WRITE).then((file) {
96 return file.writeString(client.credentials.toJson());
97 }).then((file) => file.close()).then((_) => result);
98 });
99 }).then(print);
100 ```
OLDNEW
« no previous file with comments | « pkg/oauth2/CHANGELOG.md ('k') | pkg/oauth2/lib/oauth2.dart » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698