| Interface | Description |
|---|---|
| AuthorizationService.TokenResponseCallback |
Callback interface for token endpoint requests.
|
| AuthorizationServiceConfiguration.RetrieveConfigurationCallback |
Callback interface for configuration retrieval.
|
| AuthState.AuthStateAction |
Interface for actions executed in the context of fresh (non-expired) tokens.
|
| Class | Description |
|---|---|
| AuthorizationException.AuthorizationRequestErrors |
Error codes related to failed authorization requests.
|
| AuthorizationException.GeneralErrors |
Error codes specific to AppAuth for Android, rather than those defined in the OAuth2 and
OpenID specifications.
|
| AuthorizationException.TokenRequestErrors |
Error codes related to failed token requests.
|
| AuthorizationRequest |
An OAuth2 authorization request.
|
| AuthorizationRequest.Builder |
Creates instances of
AuthorizationRequest. |
| AuthorizationResponse |
A response to an authorization request.
|
| AuthorizationResponse.Builder |
Creates instances of
AuthorizationResponse. |
| AuthorizationService |
Dispatches requests to an OAuth2 authorization service.
|
| AuthorizationServiceConfiguration |
Configuration details required to interact with an authorization service.
|
| AuthorizationServiceDiscovery |
An OpenID Connect 1.0 Discovery Document.
|
| AuthState |
Collects authorization state from authorization requests and responses.
|
| CodeVerifierUtil |
Generates code verifiers and challenges for PKCE exchange.
|
| RedirectUriReceiverActivity |
Activity that receives the redirect Uri sent by the OpenID endpoint.
|
| TokenRequest |
An OAuth2 token request.
|
| TokenRequest.Builder |
Creates instances of
TokenRequest. |
| TokenResponse |
A response to a token request.
|
| TokenResponse.Builder |
Creates instances of
TokenResponse. |
| Exception | Description |
|---|---|
| AuthorizationException |
Returned as a response to OAuth2 requests if they fail.
|
| AuthorizationServiceDiscovery.MissingArgumentException |
Thrown when a mandatory property is missing from the discovery document.
|
AppAuth for Android is a client SDK for communication with OAuth2 and OpenID Connect providers. It strives to directly map the requests and responses of those specifications, while following the idiomatic style of the implementation language. In addition to mapping the raw protocol flows, convenience methods are available to assist with common tasks like performing an action with fresh tokens.
The library follows the best practices set out in
OAuth 2.0 for Native Apps
including using
Custom
Tabs for the auth request. For this reason, WebView is explicitly
not supported due to usability and security reasons.
The library also supports the PKCE extension to OAuth which was created to secure authorization codes in public clients when custom URI scheme redirects are used. The library is friendly to other extensions (standard or otherwise) with the ability to handle additional parameters in all protocol requests and responses.