Class DbxPKCEManager


  • public class DbxPKCEManager
    extends java.lang.Object
    This class should be lib/jar private. We make it public so that Android related code can use it. This class does code verifier and code challenge generation in Proof Key for Code Exchange(PKCE).
    See Also:
    https://tools.ietf.org/html/rfc7636
    • Field Detail

      • CODE_CHALLENGE_METHODS

        public static final java.lang.String CODE_CHALLENGE_METHODS
        See Also:
        Constant Field Values
    • Constructor Detail

      • DbxPKCEManager

        public DbxPKCEManager()
        This class has state. Each instance has a randomly generated codeVerifier in it. Just like we shouldn't re-use the same code verifier in PKCE, we shouldn't re-use the same DbxPKCEManager instance in different OAuth flow.
      • DbxPKCEManager

        public DbxPKCEManager​(java.lang.String codeVerifier)
    • Method Detail

      • getCodeVerifier

        public java.lang.String getCodeVerifier()
        Returns:
        The randomly generate code verifier in this instance.
      • getCodeChallenge

        public java.lang.String getCodeChallenge()
        Returns:
        The code challenge, which is a hashed code verifier.
      • makeTokenRequest

        public DbxAuthFinish makeTokenRequest​(DbxRequestConfig requestConfig,
                                              java.lang.String oauth2Code,
                                              java.lang.String appKey,
                                              java.lang.String redirectUri,
                                              DbxHost host)
                                       throws DbxException
        Make oauth2/token request to exchange code for oauth2 access token. Client secret is not required.
        Parameters:
        requestConfig - Default attributes to use for each request.
        oauth2Code - OAuth2 code defined in OAuth2 code flow.
        appKey - Client Key
        redirectUri - The same redirect_uri that's used in preivous oauth2/authorize call.
        host - Only used for testing when you don't want to make request against production.
        Returns:
        OAuth2 result, including oauth2 access token, and optionally expiration time and refresh token.
        Throws:
        DbxException - If reqeust is invalid, or code expired, or server error.