android jvm

Android library with classes and functions required to access Curity Identity Server Hypermedia Authentication API (HAAPI) from android devices.

Usage examples

Start by creating an HaapiTokenManager

    // 0 - Create a HaapiTokenManager  
    val tokenEndpointUri: URI = ...  
    val clientId: String = ...  
    val haapiTokenManager = HaapiTokenManager(tokenEndpointUri, clientId) {  
        // define additional configuration properties   

When using the OkHttp HTTP client library, it is possible to include an interceptor that will automatically add all required request headers and manage the session identifier.

    // 1 - Create an OkHttpClient using haapiTokenManager   
    val httpClient = OkHttpClient.Builder()  
        // define other builder properties  
    // 2 - Use httpClient to access HAAPI resources  
    // access token, proof tokens, and session identifiers will be handled automatically when doing requests with httpClient

Otherwise, the DPoP tokens need to be explicitly requested from the HaapiTokenManager and added to the outgoing HAAPI requests:

    // 1 - use the HaapiTokenManager to retrieve the DPoP access and proof tokens  
    // required for the outgoing HTTP request  
    val httpRequestMethod: String = ...  
    val httpRequestTargetUri: URI = ...  
    val tokens = tokenManager.getDPoPTokensFor(httpRequestMethod, httpRequestTargetUri)  
    val authorizationHeaderValue = "DPoP ${tokens.accessTokenString}"  
    val dpopHeaderValue = tokens.proofTokenString  
    // 2 - add authorizationHeaderValue and dpopHeaderValue to the Authorization and DPoP request headers,  
    // respectively  

In this case, the session identifier also needs to be handled explicitly.


Name Summary
se.curity.identityserver.haapi.android.sdk This package contains classes for HAAPI access token management.
se.curity.identityserver.haapi.android.sdk.okhttp This package contains functions and types to configure an OkHttpClient so that it can access HAAPI resources, including access token management and flow session state management.