public static final class DbxWebAuth.Request.Builder extends Object
Modifier and Type | Method and Description |
---|---|
DbxWebAuth.Request |
build()
Returns a new OAuth
DbxWebAuth.Request that can be used in
DbxWebAuth.DbxWebAuth(DbxRequestConfig,DbxAppInfo) to authorize a user. |
DbxWebAuth.Request.Builder |
withDisableSignup(Boolean disableSignup)
Whether or not to allow non-users to sign up for a Dropbox account via the authorization page.
|
DbxWebAuth.Request.Builder |
withForceReapprove(Boolean forceReapprove)
Whether or not to force the user to approve the app again if they've already done so.
|
DbxWebAuth.Request.Builder |
withNoRedirect()
Do not redirect the user after authorization has completed (default).
|
DbxWebAuth.Request.Builder |
withRedirectUri(String redirectUri,
DbxSessionStore sessionStore)
Where to redirect the user after authorization has completed.
|
DbxWebAuth.Request.Builder |
withRequireRole(String requireRole)
Request the user authorize with the particular type of Dropbox account.
|
DbxWebAuth.Request.Builder |
withState(String state)
Up to 476 bytes of arbitrary data that will be passed back to your redirect URI.
|
public DbxWebAuth.Request.Builder withNoRedirect()
After a user authorizes the app using the authorization URL, a code will be
displayed that they must copy and paste into your app. If you want users to be
redirected after authorization back to your app, use withRedirectUri(java.lang.String, com.dropbox.core.DbxSessionStore)
instead. Websites should always provide a redirect URI.
public DbxWebAuth.Request.Builder withRedirectUri(String redirectUri, DbxSessionStore sessionStore)
This must be the exact URI registered in the App Console;
even "localhost"
must be listed if it is used for testing. All redirect URIs must be
HTTPS except for localhost URIs. If the redirect URI is omitted, the code will be
presented directly to the user and they will be invited to enter the information in
your app.
The given session store will be used for storing the Cross-Site Request Forgery
(CSRF) nonce generated during the authorization flow. To prevent CSRF attacks, DbxWebAuth
appends a nonce to each authorization request. When the authorization
flow is complete, the returned nonce is compared with the one in the store to ensure
the response is valid. A session store must be specified if a redirect URI is
set.
redirectUri
- URI to redirect authorization response, never null
.sessionStore
- Session store to use for storing CSRF nonces across requests, never null
.NullPointerException
- if either redirectUri or sessionStore is null
public DbxWebAuth.Request.Builder withState(String state)
Note that DbxWebAuth
will always automatically append a nonce to the
state to protect against cross-site request forgery. This is true even if no state is
provided.
State should only be provided if a redirect URI is provided as well, otherwise
build()
will throw an IllegalStateException
.
state
- additional state to pass back to the redirect URI, or null
to
pass back no additional state.IllegalArgumentException
- if state is greater than 476 bytespublic DbxWebAuth.Request.Builder withRequireRole(String requireRole)
requireRole
- which role should authorize this app, or null
for any
role.DbxWebAuth.ROLE_WORK
,
DbxWebAuth.ROLE_PERSONAL
public DbxWebAuth.Request.Builder withForceReapprove(Boolean forceReapprove)
If false
(default), a user who has already approved the application may
be automatically redirected to the URI specified by withRedirectUri(java.lang.String, com.dropbox.core.DbxSessionStore)
. If
true
, the user will not be automatically redirected and will have to approve
the app again.
forceReapprove
- whether to force a user to re-approve this app, or null
for default behaviorpublic DbxWebAuth.Request.Builder withDisableSignup(Boolean disableSignup)
When true
(default is false
) users will not be able to sign up
for a Dropbox account via the authorization page. Instead, the authorization page
will show a link to install Dropbox (typically through a mobile app store). This is
only intended for use when necessary for compliance with App Store policies.
disableSignup
- whether or not to allow users to sign up in the authorization
flow, or null
for default behaviorpublic DbxWebAuth.Request build()
DbxWebAuth.Request
that can be used in
DbxWebAuth.DbxWebAuth(DbxRequestConfig,DbxAppInfo)
to authorize a user.DbxWebAuth.Request
configuration.IllegalStateException
- if withState(java.lang.String)
was called with a non-null
value, but no redirect URI was specified.