Fork me on GitHub

OAuth (v5.3)

pac4j allows you to login with identity providers using the OAuth v1.0 and v2.0 protocol.

1) Dependency

You need to use the following module: pac4j-oauth.

Example (Maven dependency):

<dependency>
    <groupId>org.pac4j</groupId>
    <artifactId>pac4j-oauth</artifactId>
    <version>${pac4j.version}</version>
</dependency>

2) Available clients

a) Generic clients

You can use the OAuth10Client or the OAuth20Client clients to login with an OAuth 1.0 or 2.0 server.

Example to simulate the BitbucketClient (OAuth v1.0):

OAuth10Configuration config = new OAuth10Configuration();
config.setKey("bjEt8BMpLwFDqZUvp6");
config.setSecret("NN6fVXRTcV2qYVejVLZqxBRqHgn3ygD4");
config.setApi(new BitBucketApi());
config.setProfileDefinition(new BitbucketProfileDefinition());
OAuth10Client client = new OAuth10Client();
client.setCallbackUrl(PAC4J_BASE_URL);
client.setConfiguration(config);

Example to simulate the GithubClient (OAuth v2.0):

OAuth20Configuration config = new OAuth20Configuration();
config.setApi(GitHubApi.instance());
config.setProfileDefinition(new GitHubProfileDefinition());
config.setScope("user");
config.setKey("62374f5573a89a8f9900");
config.setSecret("01dd26d60447677ceb7399fb4c744f545bb86359");
OAuth20Client client = new OAuth20Client();
client.setConfiguration(config);
client.setCallbackUrl(PAC4J_BASE_URL);

For OAuth v2.0, you can also use the GenericApi20 or directly the GenericOAuth20Client.

Example:

GenericOAuth20Client client = new GenericOAuth20Client();
Map map = new HashMap();
map.put(AGE, "Integer|age");
map.put(IS_ADMIN, "Boolean|is_admin");
map.put(BG_COLOR, "Color|bg_color");
map.put(GENDER, "Gender|gender");
map.put(BIRTHDAY, "Locale|birthday");
map.put(ID, "Long|id");
map.put(BLOG, "URI|blog");
map.put("name", "name");  //default String
client.setProfileAttrs(map);

You need to define all the attributes you want to retrieve for the user profile. You can just define the attribute name (name) or the attribute name and the associated converter (Boolean|is_admin).

Currently, the following converters are supported: Integer, Boolean, Color, Gender, Locale, Long, URI and String (by default).

b) Specific clients

By default, many clients are available to login with many identity providers:

Identity provider Client User profile
BitBucket BitbucketClient BitbucketProfile
a CAS server using the OAuth protocol CasOAuthWrapperClient CasOAuthWrapperProfile
DropBox DropBoxClient DropBoxProfile
Facebook FacebookClient FacebookProfile
Foursquare FoursquareClient FoursquareProfile
Github GitHubClient GitHubProfile
Google Google2Client Google2Profile
HiOrg-Server HiOrgServerClient HiOrgServerProfile
LinkedIn LinkedIn2Client LinkedIn2Profile
Odnoklassniki OkClient OkProfile
Paypal PayPalClient PayPalProfile
QQ QQClient QQProfile
Strava StravaClient StravaProfile
Twitter TwitterClient TwitterProfile
Vk VkClient VkProfile
Wechat WechatClient WechatProfile
Weibo WeiboClient WeiboProfile
Windows Live WindowsLiveClient WindowsLiveProfile
Word Press WordPressClient WordPressProfile
Yahoo YahooClient YahooProfile
Cronofy CronofyClient CronofyProfile

Example:

FacebookClient facebookClient = new FacebookClient("145278422258960", "be21409ba8f39b5dae2a7de525484da8");
TwitterClient twitterClient = new TwitterClient("CoxUiYwQOSFDReZYdjigBA", "2kAzunH5Btc4gRSaMr7D7MkyoJ5u1VzbOOzE8rBofs");