Oauth2CliExchange¶
Oauth2CliExchange is a simple OAuth2 authentication flow for the CLI (to login).
etc/conf/server.properties¶
Oauth2CliExchange loads etc/conf/server.properties into the serverProperties when created.
Note
The path etc/conf/server.properties is fixed and cannot be changed.
Creating Instance¶
Oauth2CliExchange takes no arguments to be created.
While being created, Oauth2CliExchange loads etc/conf/server.properties into the serverProperties.
Oauth2CliExchange is created when:
AuthCliis requested to login
Authenticate¶
authenticate returns an identity token.
authenticate reads the following server properties (from etc/conf/server.properties):
server.authorization-urlserver.token-urlserver.client-idserver.client-secret- server.redirect-port
authenticate starts an HttpServer to listen on the port (based on server.redirect-port) and an AuthCallbackHandler to handle the root path /.
authenticate prints out the following message to the console:
authenticate builds an auth URL as follows:
| URL Part | Value |
|---|---|
redirectUrl | server.authorization-url configuration property |
client_id | server.client-id configuration property |
redirect_uri | http://localhost:[port] |
response_type | code |
scope | openid profile email |
state | Some random 16 bytes |
authenticate prints out the following message to the console:
Attempting to open the authorization page in your default browser.
If the browser does not open, you can manually open the following URL:
[authURL]
authenticate uses /usr/bin/open to open the auth URL (in the default browser).
Note
Any exceptions while trying to open the browser with the auth URL are simply ignored.
authenticate requests the AuthCallbackHandler for the auth code.
authenticate prints out the following message to the console:
authenticate stops the HttpServer.
authenticate...FIXME
authenticate is used when:
AuthCliis requested to login