OAuth (v4.3)

pac4j allows you to login with identity providers using the OAuth v1.0 and v2.0 protocol.

1) Dependency

You need to use the following module: pac4j-oauth.

Example (Maven dependency):

<dependency>
    <groupId>org.pac4j</groupId>
    <artifactId>pac4j-oauth</artifactId>
    <version>${pac4j.version}</version>
</dependency>

2) Available clients

a) Generic clients

You can use the OAuth10Client or the OAuth20Client clients to login with an OAuth 1.0 or 2.0 server.

Example to simulate the BitbucketClient (OAuth v1.0):

OAuth10Configuration config = new OAuth10Configuration();
config.setKey("bjEt8BMpLwFDqZUvp6");
config.setSecret("NN6fVXRTcV2qYVejVLZqxBRqHgn3ygD4");
config.setApi(new BitBucketApi());
config.setProfileDefinition(new BitbucketProfileDefinition());
OAuth10Client client = new OAuth10Client();
client.setCallbackUrl(PAC4J_BASE_URL);
client.setConfiguration(config);

Example to simulate the GithubClient (OAuth v2.0):

OAuth20Configuration config = new OAuth20Configuration();
config.setApi(GitHubApi.instance());
config.setProfileDefinition(new GitHubProfileDefinition());
config.setScope("user");
config.setKey("62374f5573a89a8f9900");
config.setSecret("01dd26d60447677ceb7399fb4c744f545bb86359");
OAuth20Client client = new OAuth20Client();
client.setConfiguration(config);
client.setCallbackUrl(PAC4J_BASE_URL);

For OAuth v2.0, you can also use the GenericApi20 or directly the GenericOAuth20Client.

Example:

GenericOAuth20Client client = new GenericOAuth20Client();
Map map = new HashMap();
map.put(AGE, "Integer|age");
map.put(IS_ADMIN, "Boolean|is_admin");
map.put(BG_COLOR, "Color|bg_color");
map.put(GENDER, "Gender|gender");
map.put(BIRTHDAY, "Locale|birthday");
map.put(ID, "Long|id");
map.put(BLOG, "URI|blog");
map.put("name", "name");  //default String
client.setProfileAttrs(map);

You need to define all the attributes you want to retrieve for the user profile. You can just define the attribute name (name) or the attribute name and the associated converter (Boolean|is_admin).

Currently, the following converters are supported: Integer, Boolean, Color, Gender, Locale, Long, URI and String (by default).

b) Specific clients

By default, many clients are available to login with many identity providers:

Identity provider	Client	User profile
BitBucket	`BitbucketClient`	`BitbucketProfile`
a CAS server using the OAuth protocol	`CasOAuthWrapperClient`	`CasOAuthWrapperProfile`
DropBox	`DropBoxClient`	`DropBoxProfile`
Facebook	`FacebookClient`	`FacebookProfile`
Foursquare	`FoursquareClient`	`FoursquareProfile`
Github	`GitHubClient`	`GitHubProfile`
Google	`Google2Client`	`Google2Profile`
HiOrg-Server	`HiOrgServerClient`	`HiOrgServerProfile`
LinkedIn	`LinkedIn2Client`	`LinkedIn2Profile`
Odnoklassniki	`OkClient`	`OkProfile`
ORCiD	`OrcidClient`	`OrcidProfile`
Paypal	`PayPalClient`	`PayPalProfile`
QQ	`QQClient`	`QQProfile`
Strava	`StravaClient`	`StravaProfile`
Twitter	`TwitterClient`	`TwitterProfile`
Vk	`VkClient`	`VkProfile`
Wechat	`WechatClient`	`WechatProfile`
Weibo	`WeiboClient`	`WeiboProfile`
Windows Live	`WindowsLiveClient`	`WindowsLiveProfile`
Word Press	`WordPressClient`	`WordPressProfile`
Yahoo	`YahooClient`	`YahooProfile`

Example:

FacebookClient facebookClient = new FacebookClient("145278422258960", "be21409ba8f39b5dae2a7de525484da8");
TwitterClient twitterClient = new TwitterClient("CoxUiYwQOSFDReZYdjigBA", "2kAzunH5Btc4gRSaMr7D7MkyoJ5u1VzbOOzE8rBofs");